Track 1 & Plenary9:45–10:15 AM EDT Welcome & Opening Remarks Lance Spitzner, Certified Instructor, SANS Institute

Track 1 & Plenary10:15–11:00 AM EDT Keynote: Incidents, Breaches and Hacks... Oh My! It’s All About the Human Heather Mahalik, Senior Instructor, SANS Institute

11:00–11:15 AM EDT Break

Track 1 & Plenary11:15–11:35 AM EDT SANS Secure the Sauce Digital Scavenger Hunt Neaka Balloge, Program Manager for Information Security Awareness and Training, Cvent

Track 1 & Plenary11:40 AM – 12:10 PM EDT Quantifying Human Risk with the 2021 DBIR Alex Pinto, Distinguished Engineer, Verizon Enterprise Services

12:10–12:25 PM EDT Break

Track 1 & Plenary12:25–12:55 PM EDT Building Partnerships Across the Company to

Inform and Mature a Security Awareness ProgramAbigail Beehler, Security Awareness Manager, Salesforce

Track 1 & Plenary1:00–1:30 PM EDT Business Email Compromise:

The Silent Cyber ThreatCrane Hassold, Director of Threat Intelligence, Abnormal Security

1:30–2:30 PM EDT Lunch & Bonus Presentation 1:35–2:25 PM EDT Cisco Secure Email: Simplified, Intensified, Maximized – Optimized REGISTER HERE 17:35–18:25 UTC Filipe Lopes, EMEAR Technical Lead for Email Security, Cisco

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

View the complete agenda here.

#SecAwareSummit

13:45–14:15 UTC

14:15–15:00 UTC

15:00–15:15 UTC

15:15–15:35 UTC

15:40–16:10 UTC

16:10–16:25 UTC

16:25–16:55 UTC

17:00–17:30 UTC

17:30–18:30 UTC

Track 2Everyone Can Play! Building CTFs To Teach Non-Security FolksJoe Kuemerle, Product Security Lead, Salesforce

Track 2Economic Espionage: Behavioral Study on Employee Reporting of Insider Security Risk IncidentsDeanna Caputo, Chief Scientist for Behavioral Sciences and Cyber Security, The MITRE Corporation

Americas Session Day 1 | Thursday, August 5

Security Awareness Summit 2021

Track 1 & Plenary2:30–3:15 PM EDT Panel: Metrics for Today’s Leaders

Moderator:David Breg, Deputy Research Director, WSJ Pro

Panelists:Kurt John, Chief Cybersecurity Officer, Siemens USA

Masha Sedova, Co-Founder & President, Elevate SecurityOz Alashe, CEO and Founder, CybSafe

Alex Pinto, Distinguished Engineer, Verizon Enterprise Services

Track 1 & Plenary3:20–3:50 PM EDT Building an Automated, Tiered Phishing System

Geoffrey Parker, Principal, Cybersecurity Awareness and Education, BlueCross BlueShield of Tennessee

3:50–4:05 PM EDT Break

Track 1 & Plenary4:05–4:35 PM EDT A CISO’s Frenemy: The Human X Factor

Shelby Flora, Global Lead – Cyber Resilient Teams & Organizations, AccentureMasha Sedova, Co-Founder & President, Elevate Security

Track 1 & Plenary4:40–5:10 PM EDT Understanding Cybersecurity Risk Management

Frank Kim, Fellow, SANS Institute

Track 1 & Plenary5:15–5:30 PM EDT Americas Day 1 Wrap-Up

Lance Spitzner, Certified Instructor, SANS Institute

5:30–6:15 PM EDT Bonus Sessions: Making Killer Coffee Cassie Clark, Lead Security Awareness Manager, Cruise

Backyard Beekeeping Ania Spitzner, Hobbyist Beekeeper

Track 2The Power of the CollectiveLisa Plaggemier, Interim Executive Director, National Cybersecurity Alliance

Track 2Translating Cyber: How to Shake Off the “Curse of Knowledge” and Make Your Security Message More ImpactfulKerry Tomlinson, Cybersecurity News Reporter, Ampere News

Track 2Don’t Reward The Brilliant Jerk: Fix Toxic Security CultureJinan Budge, Principal Analyst, Forrester Research

View the complete agenda here.

#SecAwareSummitAmericas Session (Continued) Day 1 | Thursday, August 5

Security Awareness Summit 2021

18:30–19:15 UTC

19:20–19:50 UTC

19:50–20:05 UTC

20:05–20:35 UTC

20:40–21:10 UTC

21:15–21:30 UTC

21:30–22:15 UTC

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

Track 1 & Plenary00:00–00:20 UTC Welcome & Opening Remarks – APAC Blair Adamson, Cyber Influence – Senior Lead, Telstra

Track 1 & Plenary00:20–00:50 UTC Building an Automated, Tiered Phishing System Geoffrey Parker, Principal, Cybersecurity Awareness and Education, BlueCross BlueShield of Tennessee

Track 1 & Plenary00:55–01:25 UTC It Takes a Village – Engaging Multi-Disciplinary Teams to Inform Your Strategy Daisy Wong, Cyber Culture and Engagement Lead, Department of Premier and Cabinet in Victoria, Australia

Melissa Misuraca, Cyber Security Culture Specialist, Freelance

Track 1 & Plenary01:30–02:00 UTC People, People, People Darren Kane, Chief Security Officer, nbn

02:00–02:15 UTC Break

Track 1 & Plenary02:15–02:45 UTC How to Tell Better Stories, More Often, to Boost Your Security Outcomes Emily Edgeley, Public Speaking Coach, Emily Edgeley

Track 1 & Plenary02:50–03:20 UTC Don’t Reward The Brilliant Jerk: Fix Toxic Security Culture Jinan Budge, Principal Analyst, Forrester Research

Track 1 & Plenary03:25–03:59 UTC Panel: SIT Leaders Share Their One Thing for 2021 Panelists: Blair Adamson, Cyber Influence – Senior Lead, Telstra Paul De Araujo, Security Influence and Initiatives Manager, nbn™ Australia Erica Hardinge, Head of Security Influence & Outreach, ANZ Laura Hartley, Manager, Enterprise Security Advisory & Awareness, National Australia Bank

View the complete agenda here.

#SecAwareSummitAsia Pacific Session Day 2 | Friday, August 6

Security Awareness Summit 2021

8:00–8:20 PM EDT

8:20–8:50 PM EDT

8:55–9:25 PM EDT

10:00–10:15 PM EDT

9:30–10:00 PM EDT

10:15–10:45 PM EDT

10:50–11:20 PM EDT

11:25–11:59 PM EDT

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

Track 1 & Plenary08:00–08:20 UTC Welcome & Opening Remarks – EMEA Jessica Barker, co-CEO, Cygenta Oz Alashe, CEO and Founder, CybSafe

Track 1 & Plenary08:20–08:50 UTC Utilizing Marketing Techniques to Manage Human Risk: A Marketeers Journey in InfoSec… So Far James van den Bergh, Security Awareness Lead Specialist, DLA Piper

Track 1 & Plenary08:55–09:25 UTC How to Choose Effective Interventions for Information Security Behaviour Martine van de Merwe, Consultant Human Risk in Healthcare, Privacy Lab Lourens Dijkstra, CISO, Lentis

Track 1 & Plenary09:30–10:00 UTC What Your Awareness Program Can’t Fix – And How You Fix That John Scott, Associate Instructor

10:00–10:15 UTC Break

Track 1 & Plenary10:15–10:45 UTC (Open Sourced) Cyber Scavenger Hunts: Gamified Security Awareness –

A Private & Government Collaboration Victoria Schiffer, Head of Security Culture & Trust, SEEK Daisy Wong, Cyber Culture and Engagement Lead, Department of Premier and Cabinet in Victoria, Australia

Track 1 & Plenary10:50–11:20 UTC Data-Led Behavior Change Tim Ward, CEO & Co-Founder, Think Cyber Security Ltd. Rebecca Schroder, Digital Comms & Security Awareness Manager, Vodafone

Track 1 & Plenary11:25–11:55 UTC The Day I Wish I Went to Oxford... Kieren Lovell, Head of Information Security, Pipedrive

12:00–13:45 UTC Break

View the complete agenda here.

#SecAwareSummitEurope, Middle East & Africa Session Day 2 | Friday, August 6

Security Awareness Summit 2021

4:00–4:20 AM EDT

4:20–4:50 AM EDT

4:55–5:25 AM EDT

5:30–6:00 AM EDT

6:00–6:15 AM EDT

6:15–6:45 AM EDT

6:50–7:20 AM EDT

7:25–7:55 AM EDT

8:00–9:45 AM EDT

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

Track 1 & Plenary9:45–10:00 AM EDT Welcome & Opening Remarks Lance Spitzner, Certified Instructor, SANS Institute

Track 1 & Plenary10:00–10:45 AM EDT Keynote: Designing For The Behaviors You Want BJ Fogg, PhD., Behavior Scientist, Stanford University

10:45–11:00 AM EDT Break

Track 1 & Plenary11:00–11:30 AM EDT Cybersecurity is Human Security: What Does and

Doesn’t Work to Address Human RiskBenjamin Edwards, Senior Data Scientist, Cyentia Institute

Track 1 & Plenary11:35 AM – 12:05 PM EDT NIST, NICE and YOU – The Cybersecurity Awareness

and Training ProfessionalKaren Wetzel, Manager, NICE Framework, NISTMarian Merritt, Deputy Director, NIST

12:05–12:20 PM EDT Break

Track 1 & Plenary12:20–12:55 PM EDT Leverage the Power of Enabling Change Rob Oddi, Change Management, Culture & Leadership Expert

Track 1 & Plenary1:00–1:20 PM EDT Lightning Talk 1: Carrots and Sticks: Why You Should Think Twice About Punishing Your Staff John Blythe, Director of Research & Behavioral Science, CybSafe

Lightning Talk 2: How Aligned Are You With Your Leadership? Janet Roberts, Global Head of Security Education & Awareness, Zurich Insurance

1:20–2:20 PM EDT Lunch

View the complete agenda here.

#SecAwareSummitAmericas Session Day 2 | Friday, August 6

Security Awareness Summit 2021

Track 2Every Attitude Matters: Good Safety Behaviors Generate RewardsLeticia Freitas, Senior Information Security Analyst, Globo

Track 2Knowing the Human: Using Emotional Intelligence to Manage Human RiskCorwin Tobias, Information Security Awareness Ambassador, Blue Yonder

13:45–14:00 UTC

14:00–14:45 UTC

14:45–15:00 UTC

15:00–15:30 UTC

15:35–16:05 UTC

16:05–16:20 UTC

16:20–16:55 UTC

17:00–17:20 UTC

17:20–18:20 UTC

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

Track 1 & Plenary2:20–2:50 PM EDT Building, Maturing and Sustaining a Security

Awareness ProgramMahesh Bang, Security Architect – Strategic Technical Advisor, Cisco Systems Inc.

Track 1 & Plenary2:55–3:25 PM EDT Metrics That Matter – Demonstrating Security

Training’s Impact to Your BusinessStephanie Pratt, Senior Security Awareness Content Manager, Living SecurityCandice Henderson, Director, Client Success, Living Security

Track 1 & Plenary3:30–4:00 PM EDT Utilizing Marketing Techniques to Manage Human

Risk: A Marketeers Journey in InfoSec… So FarJames van den Bergh, Security Awareness Lead Specialist, DLA Piper

4:00–4:15 PM EDT Break

Track 1 & Plenary4:15–4:45 PM EDT Ransomware, Security Awareness, and YOU!

Ryan Chapman, Associate Instructor

Track 1 & Plenary4:50–5:20 PM EDT Scavenger Hunt Results/Survey Results

Track 1 & Plenary5:25–5:45 PM EDT Event Wrap-Up Lance Spitzner, Certified Instructor, SANS Institute

View the complete agenda here.

#SecAwareSummitAmericas Session (Continued) Day 2 | Friday, August 6

Security Awareness Summit 2021

Track 2How Non-Educators Educate Effectively – The Secret Recipe to Building Impactful Training ProgramsMary Dziorny, Senior Cybersecurity Consultant, Accenture

Track 2Democratizing the Hacker Mindset – A Guide to Transitioning from Binary to AnalogyMoussa Noun, Sr. Manager Cyber Awareness & Education, Royal Bank of Canada

Track 2Virtually Training Your Workforce: How to Provide Awareness When Your Workforce is RemotePriya Vennapusa, Governance Awareness and Training Leader, BCBSM

Track 2How to Roll Your Own Pro-Level Content on the CheapPerry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4

18:20–18:50 UTC

18:55–19:25 UTC

19:30–20:00 UTC

20:00–20:15 UTC

20:15–20:45 UTC

20:50–21:20 UTC

21:25–21:45 UTC

CPEs & Certificate of Completion • You will receive 12 CPEs for attending the SANS Security Awareness Summit – 6 for each day you attend.• Currently, we are not able to issue CPEs to those that view the Summit recordings.• A Certificate of Completion will be available in your account after the conclusion of the Summit & Training on August 14.• SANS will automatically submit your CPEs to GIAC within 7-10 days after the event end date of August 14 – no action is required on your part.

PACIFIC

CENTRAL

EASTERN

BRITISH SUMMER TIMECENTRAL EUROPEAN SUMMER TIME INDIA

SINGAPORE

AUSTRALIAN EASTERN

UTC

Time Zones | Day 1 (Thu, August 5+)

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM 8PM 9PM 10PM 11PM 12AM

10:00 11:00 12:00 13:00 14:00 15:00 16:00 17:00 18:00 19:00 20:00 21:00 22:00 23:00 0:00 1:00 2:00 3:00 4:00

2:00PM FRIDAY

12:00PM FRIDAY

9:30AM FRIDAY

5:00AM FRIDAY

6:00AM FRIDAY

PACIFIC

CENTRAL

EASTERN

BRITISH SUMMER TIMECENTRAL EUROPEAN SUMMER TIME INDIA

SINGAPORE

AUSTRALIAN EASTERN

UTC

Time Zones | Day 2 (Fri, August 6+)

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

1AM 2AM 3AM 4AM 5AM 6AM 7AM 8AM 9AM 10AM 11AM 12PM 1PM 2PM 3PM 4PM 5PM 6PM 7PM

5:00 6:00 7:00 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00 16:00 17:00 18:00 19:00 20:00 21:00 22:00 23:00

7:45AM SATURDAY

5:45AM SATURDAY

3:15AM SATURDAY

10:45PM FRIDAY

11:45PM FRIDAY

#SecAwareSummit

Security Awareness Summit 2021