8 November 2021 Mie

We should not regard employees as the problem

Philippe Jessen Chief Advisor in Behavioral Communication and Information Security at Operate, and he is one of the speakers at the new international Industrial Security Sonference 15-16-17 November. At the conference, he will talk about risk-based security awareness.

In this article you can read an interview with Philippe Jessen.

How did you get into working with security and how did it develop throughout your career?

I chose to become an independent communication advisor in 2017 specializing in information security awareness, behavior, and culture. Prior to that I worked several years within organizational communication, and I saw an opportunity to contribute to solving a growing challenge within information security

What are the biggest challenges within cybersecurity in your eyes?

Allowing employees to thrive without having to fear that they are going to cause major incidents, production breakdowns or other issues related to information security. We should not regard employees as the problem. We should see them as invaluable resources contributing to the overall business purpose – and it is our job to make it safe for them to do what they do best. But on the top of that: to the extent that employee behavior is important to stay secure, then we should help them follow secure procedures without compromising their ability to solve their core-tasks.

How do we get ahead of ‘the bad guys’?

We do not. They’ll always be ahead. Unfortunately. But we can make it difficult for them … so difficult that they choose to target other companies than the ones we work for.

When looking forward just 5-10 years, what do you think will be different?

Hopefully we will come closer to a situation where state protected hackers in Russia, North-korea, Iran, China and other totalitarian states are easier to target and prosecute. And hopefully all companies have realized that information security is not just an IT-issue.

Besides more funds for security, what do you think would make a difference in the industry?

Guts to share among attacked companies and closer collaboration to fight back. Too many companies hide incidents for obvious reasons, but they would all profit if they worked together – also in connection to incidents. Moreover, there should be found solutions help companies NOT paying ransom. It is of course tempting to pay a relatively small amount if your business is at risk, but it only leads to more ransomware attacks

What will your keynote be about?

It will be about risk-based security awareness. How you should focus on selected employee groups in targeted attempts to ensure they follow procedures and protect the most important company information assets

Do you want to hear more about risk-based security awareness from Philippe Jessen?

Join the international Industrial Security Conference. Read more here and sign up here.