S2E2 - Dustin Lehr

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/f6/d5/ed/f6d5ed39-c78c-bbc3-9e16-8da9c7df7142/mza_16272558080117222112.jpg/600x600bb.jpg

The Boring AppSec Podcast

28 episodes

5 days ago

In this podcast, we will talk about our experiences having worked at different companies - from startups to big enterprises, from tech companies to security companies, and from building side projects to building startups. We will talk about the good, the bad, and everything in between. So join us for some fun, some real, and some super hot takes about all things Security in the Boring AppSec Podcast.

Technology

RSS

All content for The Boring AppSec Podcast is the property of The Boring AppSec Podcast and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/40655927/40655927-1736141685828-0e4ce07b90353.jpg

S2E2 - Dustin Lehr

The Boring AppSec Podcast

48 minutes 52 seconds

10 months ago

S2E2 - Dustin Lehr

In Season 2 Episode 2, we interview Dustin Lehr, Co-Founder, Chief Product & Technology Officer at Katilyst. We discuss the significance of security champions in application security. We explore the cultural aspects of implementing security champions programs, the challenges of maintaining engagement, and the importance of leadership support. The conversation delves into measuring the success of these programs, the role of behavioral science, and the impact of effective training and gamification in enhancing security awareness within organizations. Dustin discusses the Octalysis framework, which identifies eight core human motivators that can be leveraged in gamification and cybersecurity culture. He emphasizes the importance of building relationships within organizations to change perceptions of security teams and foster a collaborative environment. Dustin also shares insights on the intersection of creativity and cybersecurity, his motivations for starting a company, and the role of AI in enhancing human interactions rather than replacing them.

Key Takeaways

- Security champions programs are crucial for fostering a security culture.

- Engagement and leadership support are key to program success.

- Measuring success can be challenging but is essential.

- Behavioral science plays a significant role in security engagement.

- Gamification can enhance training but must be used wisely.

- Curiosity can drive initial engagement but must be sustained.

- Training should be relevant and tailored to the audience.

- Creating empathy between teams improves security outcomes.

- Deep gamification focuses on understanding human drives.

- Starting a company is about helping others, not just profit.

- AI can augment human interactions but cannot replace them.

- Security teams should focus on providing value and support.

- Human connection is essential in cybersecurity.

- The importance of community and collaboration in security efforts. Tune in to find out more! Contacting Dustin * LinkedIn: https://www.linkedin.com/in/dustinlehr/

* Security Champion Success Guide: https://securitychampionsuccessguide.org/ Contacting Anshuman * LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anshumanbhartiya/ * X: ⁠⁠⁠⁠https://x.com/anshuman_bh * Website: ⁠⁠⁠⁠https://anshumanbhartiya.com/ * ⁠⁠⁠⁠Instagram: ⁠⁠⁠https://www.instagram.com/anshuman.bhartiya Contacting Sandesh * LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anandsandesh/ * X: ⁠⁠⁠⁠https://x.com/JubbaOnJeans * Website: ⁠⁠⁠⁠https://boringappsec.substack.com/