Are you well aware?

How do you know if you’re secure? Most security problems can be combated by changing behaviors using lessons learned from psychology, neuroscience, history, and economics. Security is about people. Cybersecurity is a series of nine habits that can be mastered by anyone.

Leaders can learn to effectively harness these techniques in their businesses as well as their everyday lives.

You are not the problem.

Only you can save your future. Companies and communities lose trillions every year because of bad cybersecurity habits. CEOs have been fired for not understanding cybersecurity. Your family, your company, and your community needs help in order to be secure. Security is everyone’s job.


Lasting change comes from within

Change doesn’t come from a 5-minute security video. Change starts with a vision for where you want to go and a plan for how to get there.

When we train people to be secure, we show them how to set up a pin on their mobile phone or how not to click on links in email. But when a new technology comes out, they need to come back to us for more training because they were given a fish, not taught how to fish.

About George

George Finney is a CISO, author, speaker, professor, and consultant that believes that people are the key to solving our cybersecurity challenges. He offers education and guidance to help anyone master the nine cybersecurity habits that are fundamental to enduring success so that everyone understands, accepts, and contributes to a safe and prosperous future.

Culture Eats Cybersecurity for breakfast

One person, acting alone, can’t create a culture of security. But even a small group of people, working together can find the right fulcrum to move the biggest companies. Security controls in and of themselves are not enough for protection. When groups of people form, norms are established. Sometimes, these norms are antithetical to security. In these cases, one person changing their behavior won’t change the whole company. A culture of cybersecurity embraced at all levels of a company, government, or community is needed.

Companies with below average culture ratings are 3X more likely to experience a data breach.


Recent Articles

  • The Top 10 Best Cybersecurity Strategies
    After reading the great list of the Top 10 Worst Cybersecurity Strategies from Matthew Rosenquist I started thinking about what a similar list might look like for best cybersecurity strategies. We often focus on what not to do in cyber…and this makes sense, it’s more efficient to avoid problems. Where is the advice on what […]
  • The 60 Questions To Ask Before You MSSP Your SOC
    Next week, I’ll be giving a talk “To MSSP or Not to MSSP: Some SOC Questions” at Educause Security Professionals. I’ve never met anyone who has said they love their MSSP. My team and I have been through several POCs with MSSPs, and have used several SOCs with various results. I don’t think there is […]
  • Culture Eats Cybersecurity For Breakfast
    Eggo Waffles weren’t always called Eggo Waffles. In the 1950s, in the boom that followed World War II, Americans began a love affair with frozen foods. Frank Dorsa and his three brothers in San Jose California had been running a highly popular mayonnaise business and had expanded into powdered waffle mix, but demand for their […]