DISCARDED: Tales From the Threat Research Trenches
DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more about the threat behaviors and attack patterns. Each episode you’ll hear real world insights from our researchers about the latest trends in malware, threat actors, TTPs, and more.
Welcome to DISCARDED
DISCARDED: Tales From the Threat Research Trenches
Snowball Learning: Getting Real About Cybersecurity Training
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Hello to all our Cyber Pals! Host Selena Larson and co-host, Sarah Sabotka, chat with Dr. Bob Hausmann, Lead Cognitive Scientist of Human Risk Management at Proofpoint. They have a timely conversation on whether cybersecurity training actually works and what it takes to make it effective.
They unpack why traditional annual training and phishing simulations often fall short, and how insights from cognitive psychology can help organizations design awareness programs that truly change behavior. Drawing on Dr. Bob’s recent research, the conversation explores just-in-time nudges, microlearning, and how understanding attention, memory, and emotion can make security guidance more actionable in the moments that matter most.
In this episode, they cover:
- Why once-a-year security training shows little impact on real-world behavior
- How just-in-time nudges work and where they fit into security awareness programs
- The role of cognitive load, attention, and repetition in learning and memory
- How amygdala hijack and emotional manipulation factor into phishing success
- Why foundational knowledge is critical for nudges to be effective
- The difference between education-driven nudges and punitive approaches to training
- Practical ways organizations can design training that fits into everyday workflows
This episode offers a research-backed, human-centered look at security awareness—showing why better outcomes depend less on blaming users and more on designing training that works with the brain, not against it.
Resources Mentioned:
https://www.proofpoint.com/us/blog/security-awareness-training/cybersecurity-nudges-cautionary-tale
For more information about Proofpoint, check out our website.
Subscribe & Follow:
Stay ahead of emerging threats, and subscribe! Happy hunting!