Behavioral Security and Offensive Psychology at Scale

DerbyCon 9.0 - Finish Line

Presented by: Samantha Davison, Josh Schwartz (@FuzzyNop)
Date: Friday September 06, 2019
Time: 15:00 - 15:45
Location: Track 3

Offensive Security practitioners have a wide array of tools and tactics to breach perimeters, bypass controls, and hack the planet. Security Engagement has the devices to influence in a scalable and repeatable way. Yet somehow our efforts to enact change in the world around us are often abated by organizational positioning, cognitive biases, and public misunderstanding. In this talk we explore where the boundaries for these teams at internal organizations could be expanded, strategies for obtaining buy in, and how strategic partnerships can amplify security behavior change at scale. Drawing on experience from the front lines, tangible solutions for implementation and measurement of impact will be presented.

Samantha Davison

Samantha Davison is a Behavioral Engineering Manager at Lyft where she nudges employees & users towards positive security & privacy behaviors. Before Lyft, Davison designed and implemented security engagement programs at Snap, Uber, and over a dozen Fortune 500 companies. Davison is the proud co-founder of Privilgd, provider of boutique security & privacy consulting.

Josh Schwartz

Josh Schwartz, aka FuzzyNop, has been known to be a computer who knows how to computer. He currently is the Director of Offensive Security at Verizon Media where he and his team hack all the things.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats