Breaking Down Human-Element Breaches To Improve Cybersecurity – Jinan Budge – BSW #387
1. Breaking Down Human-Element Breaches To Improve Cybersecurity – Jinan Budge – BSW #387
Organizations continue to suffer from security breaches, too many of which contain a human element. But there’s no consistent definition of the risk posed by human-related breaches, and recommendations are often limited to security awareness and training (SA&T). Understanding the depth and breadth of human-related breaches is critical to implementing adequate security controls within organizations.
Jinan Budge, Research Director at Forrester, joins Business Security Weekly to discuss their Best Practice Report on Deconstructing Human-Element Breaches. Jinan will cover the breadth of human-related breaches, including:
- Social Engineering
- Human Error
- Loss/Theft of Physical Assets
- Social Media Compromise
- Insider Risk
- Deep Fake Scams
- Gen AI Misuse
- Narrative Attacks
and why Security and Awareness Training is not the sole answer to solving human-related breaches. Join us, this discussion may get a little dicey.
Segment Resources: https://www.forrester.com/blogs/breaking-down-human-element-breaches-to-improve-cybersecurity/
Announcements
Identiverse 2025 is returning to Las Vegas, June 3-6. Hear from 250+ expert speakers and connect with 3,000+ identity security professionals across four days of keynotes, breakout sessions, and deep dives into the latest identity security trends. Plus, take part in hands-on workshops and explore the brand-new Non-Human Identity Pavilion. Register now and save 25% with code IDV25-SecurityWeekly at https://www.securityweekly.com/IDV2025
Guest
Jinan leads Forrester’s security and risk research in Asia Pacific, focusing on enabling chief information security officers (CISOs) and technology executives to lead a high-performing security organization and culture. She focuses on ensuring that cybersecurity teams not only attract but also retain the best talent, and she brings a local and global perspective and cultural lens to her research and practice. Previously, Jinan spent several years as director of cyber strategy at Transport for NSW and a similar role with Qantas Airlines. Jinan holds two bachelor’s degrees in science and commerce from the Australian National University.
2. Smart Cybersecurity Spending, as CISOs Architect Resilience and Grade Themselves – BSW #387
In the leadership and communications segment, Smart cybersecurity spending and how CISOs can invest where it matters, Grading CISOs: Effective Metrics and Personal Growth Strategies, The Pandemic Proved that Remote Leadership Works, and more!
Announcements
Security Weekly listeners save $100 on their RSAC Conference 2025 Full Conference Pass! RSA Conference will take place April 28 to May 1 in San Francisco and on demand. To register using our discount code, please visit securityweekly.com/rsac25 and use the code 5U5SECWEEKLY! We hope to see you there!
- 1. The CISO as Business Resilience Architect
To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.
- 2. Smart cybersecurity spending and how CISOs can invest where it matters
CISOs face mounting pressure to spend wisely on security. Yet, many organizations remain vulnerable due to misplaced priorities and inefficient budgeting. This article explores common pitfalls and offers strategies to strengthen cybersecurity.
- 3. Grading CISOs: Effective Metrics and Personal Growth Strategies
What are some good, bad and ugly ways to measure how your security and technology leaders are doing? More important, how do you measure and improve your own growth as a CISO?
- 4. Burnout in cybersecurity: How CISOs can protect their teams (and themselves)
Cybersecurity is a high-stakes, high-pressure field in which CISOs and their teams constantly battle threats, compliance requirements, and business expectations. The demand for 24/7 vigilance, sophisticated attacks, and a shortage of skilled professionals have led to a burnout epidemic in the industry.
For CISOs, this isn’t just a personal issue, it’s a business risk. A burned-out team is less effective, more prone to errors, and more likely to leave, creating knowledge gaps that further strain security operations. So, what can CISOs do to protect their teams and themselves from burnout? Here’s a structured approach.
- 5. The Pandemic Proved that Remote Leadership Works
In the five years since the start of the Covid pandemic, the conversation about remote work versus return-to-office has centered largely on employees. But organizations also benefit when leaders are remote—when they live and work primarily in a different place than their teams—because they are able to hire from a broader pool of candidates and bring in stars who would be unlikely to move to the company’s headquarters. While there are still concerns around overseeing employees, building team culture, and maintaining visibility, there are ways to overcome them, including: conscious planning and use of time and travel; monitoring performance through technology and structure; and listening and creating connections.
- 6. Active Listening vs. Passive Hearing: Why It Matters in Communication
Have you ever had a conversation where you felt truly heard? Like the person in front of you wasn’t just waiting for their turn to speak but was actually engaged, understanding, and responding in a way that made you feel valued? That’s the power of active listening.
On the flip side, we’ve all experienced conversations where someone nods absentmindedly, throws in the occasional “yeah” or “uh-huh,” but you can tell they’re not really there. That’s passive hearing—and it’s one of the biggest communication killers in our daily lives.
- 7. Cybersecurity classics: 10 books that shaped the industry
Cybersecurity constantly evolves, but some books have stood the test of time, shaping how professionals think about security, risk, and digital threats. Whether you’re a CISO, a seasoned expert, or cybersecurity enthusiast, these must-reads belong on your shelf.