How to Build a Security-First Culture: Insights from Fred Kwong, CISO of DeVry University

In this episode of Phishing for Answers, Fred Kwong, CISO of DeVry University, emphasizes the importance of building a security-aware culture within organizations. He shares his insights on fostering employee security awareness and discusses practical strategies that CISOs and security leaders can implement to humanize their security programs. This episode dives deep into the challenges of creating a proactive security culture, balancing friction in security training, and the benefits of gamification and personalized cybersecurity training.

Top 5 Reasons to Watch:

1. Learn how to build a security-aware culture within your organization.

2. Discover why personalization in security training drives better engagement.

3. Understand the importance of minimizing friction in security awareness programs.

4. Explore how gamification can make security training more engaging and memorable.

5. Gain insights into the human element of cybersecurity and how to balance user experience with security needs.

Quotes From This Episode:

“Our employees are the first and last line of defense when it comes to security. Unless you’re taking the time to spend and really drive a culture of security knowledge and security value, you’re never going to exceed or excel in terms of building that inside of the organization.” Fred Kwong, CISO of DeVry University

At PhishFirewall, we understand that building a culture of security is essential. Our platform goes beyond traditional training by leveraging microlearning and behavioral science to foster a proactive and security-conscious workforce.

“Security isn’t just about technology and controls—there’s a culture you need to build to make your organization more cyber-prepared.” Fred Kwong, CISO of DeVry University

PhishFirewall enables organizations to strengthen their security culture. We use psychology-driven training and role-based content to make security personal, empowering employees to take an active role in the company’s defense against cyber threats.

Why PhishFirewall?

PhishFirewall has cracked the code for changing user behavior and stopping the click. Our key differentiators include:

• Microtraining: We deliver concise, high-impact content that keeps users engaged without overwhelming them.

• Role-Based Training: Our training adapts to the unique needs of every employee, ensuring relevant and targeted security education.

• Psychology-Driven Approach: By applying principles of behavioral science, PhishFirewall helps users internalize security best practices and become active participants in securing your organization.

‍