Why Security Education Must Be Highly TargetedProfessor Angela Sasse on Meeting Employees' Needs
Security education for employees is worthless unless it's highly targeted, says Angela Sasse, a professor of human-centered security at Ruhr University Bochum in Germany.
"Not all employees face the same risks, and education needs to be targeted," Sasse says. "It's about finding a quick way of diagnosing what they need to know and then delivering that in a format that's sensible, but also appealing."
In a video interview with Information Security Media Group, Sasse discusses:
- Myths and realities around human behavior and security;
- How organizations can deliver better security education to employees;
- Managing identity in the cloud and the future of authentication.
In addition to her role at Ruhr University Bochum, Sasse also teaches at University College London. She holds a Ph.D. in computer science from the University of Birmingham, is a fellow of the British Computer Society and was elected a fellow of the Royal Academy of Engineering in 2015.