Join Gartner experts Chris Mixter and Richard Addiscott in this episode of CISO Edge to debunk the myths around why employees behave nonsecurely, why most tactics and executive communications around employee behavior don’t work, and to explore ways to rapidly increase the value delivered by your secure behavior and culture program (SBCP).

• What if I told you that “lack of cyberawareness” isn’t the reason people behave nonsecurely? (03:50)
• Where do your employee-related security incidents come from? (09:56)
• How can we move from compliance-centric to behavior-centric cybersecurity? (13:48)
• Help executives understand what is a defensible level of performance around human risk exposure. (26:15)

Richard Addiscott is a Vice President Analyst in Gartner's global security and risk management practice, helping CISOs and senior cybersecurity executives deliver highly effective information security programs and build high performing cybersecurity teams. With more than 20 years of experience in industry, Richard has held enterprise information security and IT leadership, information security consulting and advisory, IT governance, and business development roles across the public, private, and not-for-profit sectors.