Tessian Human Layer Security Summit Takeaways

By ILTA Press posted 03-05-2020 13:49


Untitled_design__3_.pngILTA Staff Member Mercedes Brown had the pleasure of attending the sold-out Human Layer Security Summit hosted by Tessian on 4 March 2020.

Security practitioners, experts and thought leaders gathered in London to learn how to protect their employees and business from internal and external threats. 

“I had no idea what to expect going into the HLS,” said Mercedes. “It ended up being a refreshing take on how to engage the human behind the screen by empowering them with the right information to carry out their duties in a manner consistent with your company's information security values/ strategy.

With the focus on people and not just devices, the panel discussed their experience on the human layer and how they use Tessian to minimise risk while ensuring compliance. 


  1. Availability of the team is a key factor for security teams, especially in developing business continuity plans.
  2. Managing an ever-expanding workflow. Security professionals have to navigate their workload of rapid changes to legislation in their different offices as well as their ongoing daily duties. 
  3. Email is still king for Legal (traditional). This raises challenges in terms of new apps and cloud. 
  4. Empower employees so your security team can focus on strategic decisions. Give your people the correct tools so you can develop a strategy that demonstrates ROI.
  5. Security is an enabler. Think of it as a competitive advantage rather than focusing on messaging around risk mitigation.
  6. Disclose the extent of human error/human element in data breach or data protection. Change mindsets so you don’t have to spoon feed constantly. Make your users aware of accountabilities and responsibilities. Human element is repeated in most breaches or risk situations.
  7. Hackers are successful when they use stipulations. Be cognizant of panic-inducing messages such as “must be actioned in two days.” 

How to implement takeaways 

Some advice given was to create data protection awareness raising campaigns and to have a variety of approaches. To receive buy-in, you should think like an entrepreneur, have people thinking about potential consequences, and work with people with diverse backgrounds.  

To learn more about the event, you can register for their livestream and receive the recording here.