How effective is your security awareness training? In this episode of The Allied Angle, Josh Gideon, author and Director, Cyber Risk Management at Allied, joins us to unpack what most financial institutions get wrong about awareness programs and what to do instead. Drawing on decades of experience and research, Josh shares why traditional training falls short, how psychological safety and human behavior play a critical role, and what smaller credit unions and banks can do right now to strengthen their defenses.
View Josh's latest book, Don't Forget the Humans, here.
In this episode:
00:34 Get to know Josh
03:13 Defining security awareness and what prompted your strategy shift
06:20 How research shaped your cybersecurity approach (and practical takeaways for credit unions)
10:22 “Awareness should be more like a drill than a document.”
13:55 Supporting financial services employees at higher risk
16:42 Building a culture of psychological safety where employees aren’t afraid to make mistakes.
18:35 Security champions: their role in fostering awareness and accountability
21:48 Practical advice for smaller credit unions building a people-first strategy
23:47 One misconception about security awareness in financial institutions you’d like to change
