My book has been translated into Persian
Posted: August 23, 2017 Filed under: Research, Skills Development | Tags: Security Leave a commentMy book has been translated into Persian by Dr. Mohammad Reza Taghva from Allame Tabatabaee University and Mr. Saeed Kazem Pourian from Shahed University. Please get in touch if you would like to learn more.
Augusta University’s Cyber Institute adopts my book
Posted: January 24, 2017 Filed under: Information Security Management, Research, Skills Development | Tags: Security Leave a commentJust received some great news from my publisher. My book has been accepted for use on a course at Augusta University. Here’s some feedback from the course director:
Augusta University’s Cyber Institute adopted the book “The Psychology of Information Security” as part of our Masters in Information Security Management program because we feel that the human factor plays an important role in securing and defending an organisation. Understanding behavioural aspects of the human element is important for many information security managerial functions, such as developing security policies and awareness training. Therefore, we want our students to not only understand technical and managerial aspects of security, but psychological aspects as well.
The Psychology of Information Security – Get 10% Off
Posted: October 11, 2016 Filed under: Security Culture, Skills Development | Tags: Psychology Leave a commentIT Governance Publishing kindly provided a 10% discount on my book. Simply use voucher code SPY10 on my publisher’s website.
Offer ends 30 November 2016.
I’ve been interviewed by Javvad Malik about my career in InfoSec
Posted: July 28, 2016 Filed under: Career Opportunities, Interview, Skills Development Leave a commentI’ve been interviewed by Javvad Malik about my career in Information Security. He published the interview on his website
The difference between Leron and anyone else that has ever asked for advice is his willingness to learn and take on board as much knowledge as possible and then apply it. In a few short years, not only was Leron able to complete his MSc, but he landed a job (while turning down other offers), spoke at events, and wrote a book. Achieving more in 3 years than most people do in 10.
So, the roles are now reversed. I needed to catch up with Leron and pick his brains about his journey and see what I could learn from him.
Read the full story
The Psychology of Information Security book reviews
Posted: May 31, 2016 Filed under: Information Security, Information Security Management, Interview, ISO 27001, Productive Security, Research, Risk Management, Security Culture, Skills Development | Tags: Cyber, Human Behaviour, Information Security, ISO 27001, Risk Management, Security Culture Leave a commentI wrote about my book in the previous post. Here I would like to share what others have to say about it.
“So often information security is viewed as a technical discipline – a world of firewalls, anti-virus software, access controls and encryption. An opaque and enigmatic discipline which defies understanding, with a priesthood who often protect their profession with complex concepts, language and most of all secrecy.
Leron takes a practical, pragmatic and no-holds barred approach to demystifying the topic. He reminds us that ultimately security depends on people – and that we all act in what we see as our rational self-interest – sometimes ill-informed, ill-judged, even downright perverse.
No approach to security can ever succeed without considering people – and as a profession we need to look beyond our computers to understand the business, the culture of the organisation – and most of all, how we can create a security environment which helps people feel free to actually do their job.”
David Ferbrache OBE, FBCS
Technical Director, Cyber Security
KPMG UK
“This is an easy-to-read, accessible and simple introduction to information security. The style is straightforward, and calls on a range of anecdotes to help the reader through what is often a complicated and hard to penetrate subject. Leron approaches the subject from a psychological angle and will be appealing to both those of a non-technical and a technical background.”
Dr David King
Visiting Fellow of Kellogg College
University of Oxford
Talking to PhD students about cyber security
Posted: March 18, 2016 Filed under: Career Opportunities, Information Security, Presentations, Skills Development | Tags: Information Security Leave a commentI recently had the pleasure to help organise and host PhD students from Royal Holloway, University of London (RHUL), who spent a day at my company interacting with the team in order to gain industry insights.
This day-long event included presentations by the students, their lecturers, our partners and consultants.
During one of these presentations, I shared some of my own experiences as an information security consultant, in which I talked about my role and area of expertise. I also discussed current security challenges and provided some career advice.
Several round table discussions provided everybody with much needed food for thought. We covered topics like security monitoring, threat intelligence, information protection in digital health and the role of the C-suite.
We received positive responses from the professors – the students enjoyed the presentations and learned a lot from the interactions during the day.
Presenting on cyber security at UCL
Posted: December 20, 2015 Filed under: Information Security, Presentations, Productive Security, Skills Development | Tags: Cyber, Psychology Leave a commentThe UCLU Technology Society invited me to deliver a talk on information security to UCL students. Together with my colleague, I discussed various aspects of information security focusing on both technical and non-technical topics.
We talked about Advanced Persistent Threats and common misconceptions people have about them. When referring to protection measures, I emphasised the importance of considering human aspects of security. I described typical causes of a poor security culture in companies, along with providing some recommendations on improving it.
I concluded the evening with a discussion on managing and communicating the necessary changes within the organisation and the skills required to successfully do that.