FEATURED WEBINAR
Adopting Human Risk Management: From awareness to action!
January 28, 2026
11 AM CDT (12 PM New York) | 11 AM EEST (9 AM UK)
The right interventions. For the right people. At the right time.
Jinan Budge
VP & Research Director, Forrester
Mark Sedman
Global Head of Cybersecurity, WaterAid
Nicole Ballinger
Information Security GRC Specialist, CXI
Noora Ahmed-Moshe
VP of Strategy & Operations, Hoxhunt
Watch the video
The right interventions. For the right people. At the right time.
Stop spray-and-pray awareness. Start managing human risk.
Let’s kick off 2026 with a conversation led by Jinan Budge (Forrester VP & Research Director)—the world’s premier authority and driving force behind the ascendant Human Risk Management category—and an expert panel of security leaders about how you can move beyond traditional awareness and leverage the principles of a behavior-based training to achieve measurable, automated risk reduction across the spectrum of online behaviors.
Date: Wednesday, Jan. 28
Time: 11 AM CST (12 PM New York) | 11 AM EEST (9 AM UK)
CTA: Save your seat
What we’ll cover
Behavioral intervention model
Jinan will lay out the HRM framework and how it represents a shift from security awareness compliance to detecting, measuring, and managing human risk across the organization based on real behaviors and exposure.
1) Social engineering behaviors
(The entry point)
- Clicking, engaging with, or reporting suspicious emails/messages
Learn why reporting behavior matters more than click behavior in HRM.
2) Data handling & information sharing behaviors
(This is where HRM expands beyond training)
- Sending work files to personal email accounts
- Uploading sensitive data to unapproved cloud tools
- Misuse of collaboration tools (links, permissions, sharing scope)
- Copying data for “convenience” under time pressure
Learn why it matters that these behaviors rarely come from malice, but from productivity friction.
3) Removable media & device behaviors
(Often ignored, high-impact)
- Use of USB drives and external media
- Encryption / password protection usage
- Reporting lost or unknown devices
- Safe transfer practices in low-bandwidth environments
Learn why this is such a big-but-fixable risk.
4) Security process behaviors
(How humans interact with security itself)
- Whether people report incidents at all
- How quickly they report
- Whether they escalate uncertainty instead of guessing
- Willingness to engage with security teams
Learn why "Feeling safe to report anything” is a behavioral outcome, not a slogan
5) Risk exposure behaviors (contextual)
(This is where HRM becomes data-driven)
- Who is exposed to which risks based on role, geography, tools, workflows
- How often risky behaviors repeat
- Which behaviors correlate with incidents or near-misses
Learn why HRM measures risk profiles, not generic “users”
HRM use cases: they've done it, and so can you
You’ll hear concrete, real-world examples from Mark and Nicole on how they integrated security awareness and phishing training with a broader suite of capabilities to address behavioral risks tied to USBs and risky data transfers (without slowing work down).
How to prove impact to leadership
Move from “people completed training” to metrics that matter:
- improved reporting and response
- reduced risky behaviors
- reduced incidents / security friction
- stronger alignment between Awareness + SOC/IR
Speakers
Jinan Budge
VP & Research Director, Forrester
Mark Sedman
Global Head of Cybersecurity, WaterAid
Nicole Ballinger
Information Security GRC Specialist, CXI
Noora Ahmed-Moshe
VP of Strategy & Operations, Hoxhunt
Subscribe to All Things Human Risk
Subscribe to our newsletter for a curated digest of the latest news, articles, and resources on human risk and the ever-changing landscape of phishing threats.
FEATURED WEBINAR
Adopting Human Risk Management: From awareness to action!
The right interventions. For the right people. At the right time.
The right interventions. For the right people. At the right time.
Stop spray-and-pray awareness. Start managing human risk.
Let’s kick off 2026 with a conversation led by Jinan Budge (Forrester VP & Research Director)—the world’s premier authority and driving force behind the ascendant Human Risk Management category—and an expert panel of security leaders about how you can move beyond traditional awareness and leverage the principles of a behavior-based training to achieve measurable, automated risk reduction across the spectrum of online behaviors.
Date: Wednesday, Jan. 28
Time: 11 AM CST (12 PM New York) | 11 AM EEST (9 AM UK)
CTA: Save your seat
What we’ll cover
Behavioral intervention model
Jinan will lay out the HRM framework and how it represents a shift from security awareness compliance to detecting, measuring, and managing human risk across the organization based on real behaviors and exposure.
1) Social engineering behaviors
(The entry point)
- Clicking, engaging with, or reporting suspicious emails/messages
Learn why reporting behavior matters more than click behavior in HRM.
2) Data handling & information sharing behaviors
(This is where HRM expands beyond training)
- Sending work files to personal email accounts
- Uploading sensitive data to unapproved cloud tools
- Misuse of collaboration tools (links, permissions, sharing scope)
- Copying data for “convenience” under time pressure
Learn why it matters that these behaviors rarely come from malice, but from productivity friction.
3) Removable media & device behaviors
(Often ignored, high-impact)
- Use of USB drives and external media
- Encryption / password protection usage
- Reporting lost or unknown devices
- Safe transfer practices in low-bandwidth environments
Learn why this is such a big-but-fixable risk.
4) Security process behaviors
(How humans interact with security itself)
- Whether people report incidents at all
- How quickly they report
- Whether they escalate uncertainty instead of guessing
- Willingness to engage with security teams
Learn why "Feeling safe to report anything” is a behavioral outcome, not a slogan
5) Risk exposure behaviors (contextual)
(This is where HRM becomes data-driven)
- Who is exposed to which risks based on role, geography, tools, workflows
- How often risky behaviors repeat
- Which behaviors correlate with incidents or near-misses
Learn why HRM measures risk profiles, not generic “users”
HRM use cases: they've done it, and so can you
You’ll hear concrete, real-world examples from Mark and Nicole on how they integrated security awareness and phishing training with a broader suite of capabilities to address behavioral risks tied to USBs and risky data transfers (without slowing work down).
How to prove impact to leadership
Move from “people completed training” to metrics that matter:
- improved reporting and response
- reduced risky behaviors
- reduced incidents / security friction
- stronger alignment between Awareness + SOC/IR
Speakers
Jinan Budge
VP & Research Director, Forrester
Mark Sedman
Global Head of Cybersecurity, WaterAid
Nicole Ballinger
Information Security GRC Specialist, CXI
Noora Ahmed-Moshe
VP of Strategy & Operations, Hoxhunt
.avif)
