Creating a Security Culture Through User Experience

CISO Series reporter Steve Prentice recently wrote an excellent article on how to build a culture of security within your organization. We recently shared that post on LinkedIn and asked our CISO community to weigh in with some of their best practices. We got fantastic thoughts in response, many hitting on the theme that user experience is a key part of an overall security culture. Kathy Wang, former CISO at Discord, summed it up best by saying, “Whatever actions Security would like users to take, make sure that’s the easiest thing for users to do.”

Thanks to everyone who offered suggestions, including Erik Bloch, head of global security operations, Atlassian, Josh Mason, senior consultant, Neuvik Solutions, Dr. Tim Nedyalkov, technical information security officer, Commonwealth Bank, Art Ocain, CISO, Airiam, Dutch Schwartz, global strategy leader, stratigic industries, AWS, Hadas Cassorla, CISO, M1, and Shawn Bowen, CISO, World Kinect Corporation.

Huge thanks to our sponsor, Code42

Code42 is focused on delivering solutions built with the modern-day collaborative culture in mind. Code42 Incydr tracks activity across computers, USB, email, file link sharing, Airdrop, the cloud and more, our SaaS-based solution surfaces and prioritizes file exposure and data exfiltration events. Learn more at
Rich Stroffolino is a podcaster, editor and writer based out of Cleveland, Ohio. He's spent the past five years creating media for technology enthusiasts and IT practitioners. He dreams of someday writing the oral history of Transmeta.