Exploring Information Security - Exploring Information Security

How to Create User-Centric Security with Javvad Malik

26 Nov 2024

Audio

Description

Summary: In this episode of Exploring Information Security, host Timothy De Block and guest Javvad Malik, security awareness advocate and writer for KnowBe4, delve into the concept of user-centric design in security. Javvad shares insights on building security controls that enhance user experience rather than hinder it, and explores how organizations can foster a security culture by making processes more intuitive and less obstructive. Key Takeaways: Empathy in Security Controls: Javvad discusses the importance of understanding users’ needs and challenges. He emphasizes that security should focus on helping users rather than enforcing rigid policies. Using familiar examples, like Tetris vs. Minecraft, he illustrates the shift from a rigid, top-down approach to a more adaptable, user-driven model. Learning from Shadow IT: Rather than forbidding unauthorized tools, Javvad suggests engaging with employees to understand why they choose certain applications. By integrating tools that users find convenient, security teams can balance security with user needs. Behavioral Science Meets Security: Javvad highlights the value of metrics in understanding user behavior and assessing risks. He proposes using a combination of security metrics—like phishing susceptibility and device usage—to gauge an individual’s or department’s security behavior, thereby creating a more effective, user-centric security program. The Power of Nudge Theory: Drawing from behavioral science, Javvad explores how gentle prompts, like password managers and risk reminders, can steer users toward safer behaviors. He likens this to everyday nudges we see, such as speed-limit reminders on roads, which encourage compliance without confrontation. Resources Mentioned: KnowBe4 Blog: Javvad’s blog on KnowBe4 about user-centric design. Behavioral Science Books: Recommended readings include Nudge: Improving Decisions About Health, Wealth, and Happiness by Richard H. Thaler and Cass R. Sunsteinand and Tiny Habits by BJ Fogg for insights into influencing behavior. Invisible Gorilla Test: A classic experiment demonstrating how easily we miss the obvious, relevant to security’s focus on user awareness. About Our Guest: Javvad Malik is a security awareness advocate and writer at KnowBe4. He uses storytelling and humor to make security concepts relatable and user-friendly. Follow his latest articles on the KnowBe4 blog, where he offers practical insights into security awareness and user-focused security design.

Transcription

This episode hasn't been transcribed yet

Help us prioritize this episode for transcription by upvoting it.

0 upvotes

🗳️ Sign in to Upvote

Popular episodes get transcribed faster

Other recent transcribed episodes

Transcribed and ready to explore now

13:00H | 21 DIC 2025 | Fin de Semana

01 Jan 1970

Fin de Semana

10:00H | 21 DIC 2025 | Fin de Semana

01 Jan 1970

Fin de Semana

12:00H | 20 DIC 2025 | Fin de Semana

01 Jan 1970

Fin de Semana

2ª PARTE | 06 ENE 2026 | EL PARTIDAZO DE COPE

01 Jan 1970

El Partidazo de COPE

3ª PARTE | 22 ENE 2026 | EL PARTIDAZO DE COPE

01 Jan 1970

El Partidazo de COPE

3ª PARTE | 04 MAR 2026 | EL PARTIDAZO DE COPE

01 Jan 1970

El Partidazo de COPE

Comments

There are no comments yet.

Please log in to write the first comment.

Report any issue

Exploring Information Security - Exploring Information Security

How to Create User-Centric Security with Javvad Malik

This episode hasn't been transcribed yet

Other recent transcribed episodes

13:00H | 21 DIC 2025 | Fin de Semana

10:00H | 21 DIC 2025 | Fin de Semana

12:00H | 20 DIC 2025 | Fin de Semana

2ª PARTE | 06 ENE 2026 | EL PARTIDAZO DE COPE

3ª PARTE | 22 ENE 2026 | EL PARTIDAZO DE COPE

3ª PARTE | 04 MAR 2026 | EL PARTIDAZO DE COPE

Sign in to Audioscrape

Share this moment