Top 5 Cybersecurity Keynote Speakers for Your Event

cybersecurity keynote speaker John Sileo on stage

Cybersecurity Keynote Speakers are in High Demand

Cybersecurity is a critical issue for businesses and organizations of all sizes and industries and it is more important than ever to stay informed and educated on the latest threats and best practices for protecting sensitive information. One of the best ways to do this is by attending conferences and events where top cybersecurity experts share their knowledge and insights.

As a meeting professional, you have the opportunity to bring these experts to your own events and educate your audiences on the importance of cybersecurity. But not all cybersecurity keynote speakers command an audience in the same way, whether it be with expertise or entertainment. From the entertaining (Sileo), to the academic (Schneier), to the cutting edge (Krebs), to the human psychology (Barker), these are some of the top cybersecurity keynote speakers  that will have attendees talking about your event long after the lights go down:

  1. John Sileo (The Storyteller): John is a leading expert in the field of cybersecurity and data privacy, with two decades of experience stemming from having lost his multi-million dollar internet company to cybercrime. He helps organizations understand the latest threats to their sensitive and highly-profitable information and teaches the strategies they can implement to protect it. He combines real-world examples and personal anecdotes with the latest research and best practices, making his presentations both informative and engaging. John is known for his extensive interaction with the audience, including live hacking an audience-member’s smartphone to illustrate how easily cybercriminals can get into your banking, investment and work accounts through your phone. John has presented at hundreds of conferences, corporate events and government agencies, earning rave reviews from audiences of all sizes and backgrounds. His happy clients include the Pentagon, Amazon, and associations representing virtually every industry.
  2. Brian Krebs (The Reporter): Brian is an investigative journalist and the founder of KrebsOnSecurity, one of the most widely-read cybersecurity news websites. He has deep expertise in the areas of cybercrime and data breaches, and is a sought-after speaker on the topic for his first-class reporting on many of the technical aspects of cybercrime. Brian has written for publications such as The Washington Post and Wired, and has appeared on numerous television and radio programs. As a keynote speaker, Brian brings a wealth of cutting edge breach incidents that he uncovers or is alerted to.
  3. Bruce Schneier (The Technologist): Bruce is a renowned security technologist, author, and public speaker. He is the author of several books on cybersecurity, including “Data and Goliath” and “Applied Cryptography.” Bruce is a regular commentator on security issues in the media, a highly respected thought-leader in the cybersecurity community and a public-interest technologist, working at the intersection of security, technology and people. As a cybersecurity speaker, he is very comfortable diving into the more technical aspects of the topic.
  4. Kevin Mitnick (The Hacker): Kevin is a former hacker turned cybersecurity consultant, author and speaker. He is one of the most well-known figures in the cybersecurity world and his story is the subject of several books and films. Kevin’s presentations draw on his unique perspective and experiences to provide audiences with valuable insights into the world of hacking and cybercrime.
  5. Dr. Jessica Barker (The Psychologist): Jessica is a cyber-psychologist and the co-founder of Cygenta, a cybersecurity consulting firm. She is a highly sought-after speaker on the topic of human behavior and cybersecurity and has presented at conferences and events around the world. Jessica’s presentations focus on the psychological and social aspects of cybersecurity and how to create a culture of security within an organization.

These are some of the top cybersecurity keynote speakers in the industry and you can count on them being booked out months, if not years in advance. John Sileo stands out for remarkable story of losing everything to cybercrime and his ability to deliver complex concepts in a humorous way using his wealth of knowledge and experience in the field. He is a dynamic and engaging keynote speaker for hire who interacts constantly with your audience to make cybersecurity accessible and memorable. Visit his website at where you can find more information and schedule a speaking engagement.

Cybersecurity Awareness Month 2022: Five Disastrous Pitfalls to Avoid at All Costs

Cybersecurity Awareness Month Keynote Speaker

Security Awareness Training that Won’t Put Your Peeps Asleep

National Cybersecurity Awareness Month, which takes place every year in October, is a lot like spring cleaning. It’s when we buckle down and finally get to that pile of papers we’ve been staring at all year. It’s also when we learn to build new systems that prevent the pileup in the first place. Fall is when we turn on the throwback tunes, grab some reinforcement, and dance our way through important cyberthreat mitigation. As a cybersecurity keynote speaker, it is my responsibility to help you know where to start, what to do next, and how to prevent the mess that comes from not paying attention to security awareness training. It is the combination of deep work in October and preventative education throughout the year that make cybersecurity digestible, effective, and even a whole lotta fun. In the meantime, here are 5 Disastrous Pitfalls you can avoid during your organization’s Cybersecurity Awareness Month 2022:

1. Don’t Overstuff October with Awareness

Assuming that your employees are appropriately educated after just a month of data protection training is as ridiculous as saying “I washed my sheets once, so I’m set for the year!” First of all, no. Second of all, gross! To continue our cleaning metaphor, if you wouldn’t ask your most treasured house guests to sleep in a bed with sheets you washed last October, why would you entrust your company’s most sensitive data to a team that is dealing with year-old information??

It is all too easy for organizations to assume that their responsibilities are contained and fulfilled when they dedicate an entire month and a substantial budget to those responsibilities. Don’t get me wrong, I LOVE that we have a month dedicated to cybersecurity awareness. But many organizations concentrate all of their efforts into October while completely neglecting the other 11 months. Here’s the point: Information overload is not effective, for your people or your budget. Corporations that rely on October alone may forfeit some of their responsibility while exhausting their staff into a state of disengagement.

How do I know this? Every year, I am booked solid from September through November, right around–you guessed it–Cybersecurity Awareness Month. And I’m not complaining about the business! But I am concerned that we see a sudden yet fleeting burst of motivation by companies and yet a lack of accountability the rest of the year. More and more, in addition to a keynote event during their October campaign, smart organizations will supplement their education with monthly emails, phishing contests, brown bag lunch dates on personal security, funny social engineering videos and other relevant updates that keep their staff current on the latest cyber trends.

2. Don’t Hire Speakers Who Bore Them to Tears

Emotions matter. Your people matter. A relatable, captivating experience is critical to creating personal buy-in among your employees. And let’s face it, your people are only your weakest link if you let them be. When you bring in engaging, entertaining speakers who make the topic personally relevant to their lives (not just to your bottom line), they will naturally expand and apply that learning to your organization.

Take Facebook for example. They have successfully implemented “Hacktober” during National Cybersecurity Awareness Month, which provides workshops and gamified contests for workers to implement everything they learned throughout the year. And then in October, they reward their team with a highly entertaining speaker (shameless plug ;-) that benefits them personally and professionally.

When I live hack the iPhone of an audience member (using humor to socially engineer them) or run a game show about deep fake technology to educate them on trending threats, they leave not only with tools for protecting the company, but with personal buy-in about why data defense matters. But if it’s boring, it gets forgotten.

3. Don’t Force Feed Them 8 Straight Hours of cybersecurity awareness training

More is not always better. Faster is rarely better. Eight hours of pure content without a bathroom break is not better. And it’s probably illegal. Because we are productive beings focused on “more”, we sometimes confuse efficiency with effectiveness. In the case of security awareness training, eight hours of hearing about hackers, fraudsters and scams (oh my!) isn’t going to do much besides–at best–convincing your people to tune out and enter BORED, SLEEP and WASTE and in their latest Wordle puzzle.

Organizations that treat cybersecurity awareness month as a time to stuff all content into one long day and hope that everyone learns something (or at least stays awake) tend to be wasting their money. More education in less time is not the way to prevent cybercrime from landing you at the top of the news cycle. In fact, content stuffing will dull down the topic so much that your people will care less than when they walked in.

It’s like one of those weeks where you put off doing the laundry just long enough that your clothes barely fit in the washer. So you stuff it all in and not only don’t the clothes get clean, but the machine is toast before the spin cycle subsides. The lesson? Don’t leave your people half-washed by stuffing their brains so full that they can’t finish the cycle. The most savvy data protection education I see tees up the topic with a few new best practices–let’s say password or click hygiene–paired with real life stories of what happens when it all goes bad. Audiences love stories, so don’t drown them with statistics and a boring PowerPoint.

4. Don’t Make it Only About the Organization

Would you rather fold your own underwear or those of a random stranger? If you have any common sense (or knack for hygiene), you’d choose your own. Doing the laundry may not be the funnest part of your Sunday routine, but you know it is necessary because in the end, it directly impacts you. Forget to start the wash? You’re the one going commando. Dumped the basket of dress shirts on the floor and forgot about it? Monday is going to be stress with a side of wrinkles.

The point is, when something impacts us personally, we notice it quicker and invest in it more fully. Many keynote speakers on cyber threats ask you to fold someone else’s laundry–they only want you looking out for the good of the organization. They don’t give individual employees a “why” that impacts each of them personally.

In other words, Cybersecurity Awareness Month is not just about educating. It is about creating emotional buy-in. In order to be remotely effective, cyber education should come over the course of the entire year–not just one month dedicated to it. So why have a dedicated month at all? Because October serves as a national reminder about why this matters. It is the responsibility of your keynote speaker to 1) Get employees and executives passionate about protecting the data that drives your profits and 2) Illustrate how protection affects them personally first. If the individual doesn’t give half a load of laundry about defending their own private information, they sure as heck aren’t going to care about protecting the corporation’s information capital. By bridging the personal and the organizational, we can encourage personal buy-in that leaves the individual and the company better off for it.

So, if Pitfall #3 is an oversupply of content, then Pitfall #4 is having an inadequate reason to listen and take ownership in the first place.

5. Don’t Focus on Failure, Focus on the Future

When organizations and leaders only focus on what their people are doing wrong, those people are far less likely to embrace change. Employees want to feel like they are successfully contributing to the health and well-being of the company. So, if you approach cybersecurity education and awareness from a peripheral angle and point out what IS working and where you have thwarted attacks, individuals feel proud and therefore much more empowered to continue the momentum into the future. Cybercrime is already a negative topic, needlessly harping on past failures only depresses progress.

For example, in my cybersecurity keynote presentation, I make it a priority to point out how it is generally the human beings inside of any organization that catch fraud in process. Your people are your superheroes when it comes to data defense. You can have the greatest technological tools in the world, but if you don’t have a smart human wielding them, they are worth next to nothing. This approach is called Appreciative Inquiry, and it is an incredibly powerful tool in your arsenal of human cyber weapons. And it is generally missing from the average Cybersecurity Awareness Month playlist.

And with that in mind, here is the good news. YOU DON’T HAVE TO BE VICTIM TO THESE PITFALLS. I have witnessed hundreds of cybersecurity awareness month events in my two decades of keynoting events, and the leaders that understand and avoid these pitfalls don’t just create a better awareness event, they build a long-term cybersecurity culture. And that’s something that doesn’t come out in the wash.


John Sileo specializes in Cybersecurity Awareness Month 2022 keynote presentations that set your month, year and awareness program up for success. If you’d like to learn how John will customize his speech to your event, contact us directly on 303.777.322 or by filling out our friendly contact form.

Local Government Cyber Security: Our Next Big Threat

The Fear of Honesty

We’ve gone soft; we fear honesty. I think we even fear being honest with people more than we fear people being honest with us. Honesty has become synonymous with ugly confrontation, rather than just being, well, honesty.

Yesterday, a good friend emailed me a two sentence note reminding me that I hadn’t done something that I’d promised I would do. What I had promised is immaterial to this post, but that I had promised to do it, and then failed, is very important. I gave my word to a good friend, and then ignored my promise. And he had the guts to remind me. In fact, he’s laughing at me right now that I even consider his reminder to be a big deal, because to him it would be phony not to remind me. That’s who he is. And he’s a better friend for it. And in no way could what he did be called confrontational. Direct, yes. Honest, yes.

Here’s the striking part that makes me uncomfortable — I only have THREE friends (in addition to my wife, who is my honesty compass) who have the backbone to call me on something like this. And that makes me sad, because I have many friends, and it means that most of the time I’m probably not hearing the whole truth, maybe just a watered down version of what they think I want to hear. And who knows, maybe that is what I want to hear. Worse yet, I’m not sure I would have confronted me like my friend did (even though it was something minor), which means that I’m no better that those I’m condemning as soft.

But I’m condemning you (us) anyway. I spend my entire workday in the world of fraud; how people are conning each other out of money, mostly. I am surrounded by stories of the wickedly, cleverly dishonest. And I have to say, by shutting up and putting up with them, we enable them. Let me share an example.

As you’ll see from previous posts, I’m constantly being asked for my opinion on the negative impact of social networking (Facebook, Twitter, YouTube, etc.) in the workplace, especially by the CEOs of companies. When people ask me about this, they are usually asking because they want an answer from a privacy perspective: how information is leaking out of their company through social media. Which it is, and I share that with them. But they ask with such urgency – like they are trying to find a reason to crack down on its use.

But the more honest answer that I rarely mention, an answer they themselves sense and are unwilling to confront, at least person to person, is that the real damage of social networking on the workplace comes from the fact that we are spending our work day in personal conversations (enabled by social media) that seriously and negatively impact our productivity. We say that we tweet for business reasons, but a lion’s share of our surfing is personal. How often are we reminded that we’re not getting paid to get back in touch with high-school buddies. Now, I might write it in an article, but to actually say it to someone’s face (the offender) is an entirely different gravity of backbone.

Do we fear offending people, or not being liked? Are we afraid we might get fired, or lose a friendship? I don’t think so.

I think we have unknowingly created a culture that punishes people for honesty:

  • We become social outcasts because we let a neighbor know that their kid was mis-behaving in our home (which he was) and we don’t ask them to stop negatively spinning the story to the rest of our neighbors. And we defend our kid, even when we know that they were mis-behaving.
  • We don’t listen to the news unless it is slathered and tainted with our own self-centered political perspective (do you really think you are getting the most honest version of the story from Glenn Beck or Keith Olbermann?). We don’t want the actual news, we want yummy confirmation about our vision of how the world should be. In the media, honesty is just too boring. If you don’t have an outrageously provocative opinion (by definition, dishonest), it just won’t sell. How many of us watch The Lehrer Report on PBS? How many of us just dismissed that reference to impartiality based on our political views?
  • We ask for 360 Feedback at work and once it is given, go home and complain about how “off” our boss was. But we never tell our boss, we never have the conversation.

The net result of Fearing Honesty is that we become dishonest with ourselves. We drink the Cool-aid, so to speak. We know that no investment returns 15% year, even in bad years, but we continue to give our money to the Bernie Madoffs of the world, hoping. We tell our spouses that the relationship is strong because we can’t bare to tell them the truth. Instead of being direct, we step out on them. We know we need to change, but not as much as the next guy.

Even if you’ve made it this far in the article, you probably won’t see the world differently when you look up from the screen. I’m wondering if I will. If so, it will be thanks to my friend.