Tag Archive for: Keynote Speaker

A Wildly UN-BORING Cybersecurity Awareness Month: How to Make Security Training People Actually Want to Attend

When most employees see Cybersecurity Training pop up on their calendars, their first instinct is to feign a mysterious illness. It’s no wonder: Cybersecurity Awareness Month (CSAM) has earned a reputation for being the corporate equivalent of watching paint dry. But in a world where cybercriminals are evolving into full-fledged criminal enterprises—complete with HR departments and holiday parties—it’s time we gave security training the glow-up it desperately needs.

Here’s how to make this October’s CSAM wildly un-boring—and, more importantly, wildly effective.

1. Make the Fundamentals Feel Like Insider Intel

You lose your audience the moment you start with “password hygiene.” Instead, open with urgency: “Here’s how hackers used A.I. to steal $1.7 billion in crypto and hijack patient health records.” That’s when eyes open and pens come out.

While the fundamentals are still the most critical defense (hello, multi-factor authentication), don’t present them as basics. Frame them as the “stuff hackers don’t want you to know”—because that’s exactly what they are. Dress up the content in compelling narratives and real-world stakes.

Even better? Gamify it. Turn MFA adoption into a “Least Hackable Department” contest. Security becomes a game. Engagement goes through the roof.

2. Make AI the Villain—With a Plot Twist

If you want to grip your audience, give them a good villain. In 2025, that villain is AI. Show how it’s being used to craft eerily convincing phishing emails, generate ransomware code, and create deepfakes that could fool a world leader.

But don’t just lecture—show it. Host an internal “phishing competition” where teams use AI to create their own deceptive emails (with ethical guardrails). This type of hands-on learning sparks lasting behavior change.

Then flip the script. Reveal how AI can also be a defender—spotting malicious links, identifying deepfakes, and analyzing unusual activity. That’s your plot twist: AI is both the villain and the superhero.

3. Turn Humans Into Heroes, Not Punchlines

Yes, most breaches begin with human error—but beating people over the head with that doesn’t help. Instead, reframe employees as your “human firewall.” Share stories of real workers who spotted scams and thwarted attacks by trusting their gut.

Create a “Security Champion of the Month” program. Recognize vigilance with visibility and rewards. People want to be heroes, not the next cautionary tale in a team meeting.

You can even run security-themed escape rooms, scavenger hunts, or “spot the phish” challenges. When people are engaged, they’re more likely to remember—and apply—what they’ve learned.

4. Say Goodbye to Digital NyQuil

The fastest way to destroy security culture? Slap together a generic slideshow and a monotone narrator. Instead, embrace “edutainment.” Bring in a social engineering expert. Run live hacking demos. Host casual AMAs with your security team.

And above all, make it personal. Show how these principles protect not just the company, but employees’ private photos, banking info, and digital identities. When people see the personal value, professional compliance follows naturally.

Serve content in bite-sized portions—a weekly 5-minute tip beats a two-hour snooze-fest every time.

Final Thought: Don’t Be Boring

Cybercriminals are dynamic, creative, and relentless. If your defense strategy is static, dull, and forgettable… they’ve already won.

Cybersecurity Awareness Month is your moment to flip the script—transforming training from something employees dread into something they remember, apply, and maybe even enjoy.

Because when it comes to cybersecurity, boring is the biggest risk of all.

John Sileo is a high-energy cybersecurity keynote speaker and award-winning author who turns boring security training into unforgettable, action-inspiring experiences. If you’re ready to make security awareness stick—and actually get people to care—reach out and start the conversation: sileo.com/contact-us 

When Encryption Isn’t Enough: How Human Error Undermines Even the Best Security Tools

In the realm of cybersecurity, we often focus intensely on technical solutions—better encryption, stronger firewalls, and more sophisticated intrusion detection. Yet, time and again, the most significant security breaches don’t come from technical failures but from something far more difficult to patch: human behavior.

The Signal Incident: A Case Study in Human Error

The Trump administration recently provided a perfect example. Top officials, including Vice President JD Vance and Defense Secretary Pete Hegseth, used Signal—an encrypted messaging app widely considered highly secure—to discuss detailed plans for airstrikes against Yemen’s Houthi militants. Then, they accidentally added a journalist from The Atlantic to the chat.

These weren’t junior staff discussing lunch plans. These were high-ranking officials planning military operations using an app on their personal devices—compromising that information through a simple mistake. President Trump later acknowledged the issue, stating, “Generally speaking, I think we probably won’t be using it very much.” An understatement, to say the least.

Encryption ≠ Security

Signal was doing exactly what it was designed to do—providing end-to-end encryption that ensures messages are scrambled on one device and can only be unscrambled by the recipient. However, as this incident highlights, encryption alone does not equal security.

National security experts pointed out that discussing classified information on consumer apps is a major security breach, regardless of how secure the app is. Conversations about military operations should take place in Secure Compartmented Information Facilities (SCIFs), where cell phones are banned. The government’s secure communication tools have strict access controls, preventing unauthorized users from being added to conversations.

The Convenience vs. Security Tradeoff

Why would top officials bypass these secure systems in favor of a consumer app? The answer lies in a challenge familiar to every security professional: secure solutions are often less convenient. Government-approved communication tools are likely clunkier and more restrictive than sleek consumer apps like Signal. However, that inconvenience is often the price of true security.

Shadow IT: A Persistent Risk

The Signal incident highlights a broader problem in organizations: shadow IT. Employees often turn to unauthorized tools because official solutions feel cumbersome. This creates significant security vulnerabilities, regardless of how secure these shadow tools claim to be.

Building a Culture of Security

Technical solutions alone won’t fix human error. Organizations must:

  1. Make security personal—showing employees how breaches affect them directly.
  2. Design for human behavior—implementing user-friendly security measures.
  3. Train on real scenarios—using case studies and hands-on exercises.
  4. Make security visible—rewarding security-conscious behavior.
  5. Lead by example—ensuring executives follow security protocols.

At the end of the day, even the best encryption can’t protect against human mistakes. True security requires a cultural shift—one where individuals take personal responsibility for safeguarding sensitive information.

With two decades of experience helping organizations build security-focused cultures, John Sileo is passionate about empowering people to take ownership of data security, both personally and professionally. His approach bridges the gap between technical controls and human behavior to create security systems that actually work in the real world. Call 303.777.3222 or contact us to inquire about booking John for your next meeting or event.

Dear Daughter, Here’s Why I Can Crack Your Passcode (And How to Avoid Her Mistake)

There are two things I’ve learned from live-hacking an audience member’s smartphone during my keynotes:

1️⃣ Most of our passwords are terrible.
2️⃣ One simple change can make hacking your phone as hard as scoring Taylor Swift tickets.

The Sleepover That Changed Everything

I didn’t set out to become that dad—you know, the one who freaks out teenagers by hacking their phones at sleepovers. But one night, when my daughter and her friends were busy scrolling and texting, I pulled out a little party trick that I spent hundreds of hours developing: cracking one of their smartphone passcodes.

Cue the gasps. The wide eyes. The sudden clutching of phones like they were life support.

Why? Because I showed them in real-time that once I was in, I could do everything—bank as them, text as them, be them. And that hit different.

The same thing happens during my keynote when I “hack” an audience member’s smartphone. It’s one thing to hear about security threats; it’s another to feel how vulnerable you really are. But here’s the good news: fixing this is easier than you think.

Upgrade Your Passcode to a Passphrase

Instead of a weak four-digit PIN (which, let’s be honest, is probably your birth year backwards), switch to a passphrase—something longer, easy to remember, and way harder to crack.

Example:
🚫 1234 → 10,000 possible combinations (AI can crack this in seconds)
✅ ! L0v3 D@d → Over 60 quadrillion combinations (Good luck, hackers!)

How to Set It Up

🔹 iPhone Users: Here’s how to create a stronger passcode
🔹 Android Users: Check with your phone manufacturer for instructions

And don’t forget: Make sure someone you trust knows your passphrase in case of an emergency—store it securely in your password manager so you don’t forget it either!

Bonus: Lock Down Your Online Accounts

Your phone’s passphrase is just the start. For online accounts, ditch passwords entirely and switch to passkeys—they’re easier and more secure. Check out our video on passkeys here.

Because keeping your data safe shouldn’t be harder than getting into a Taylor Swift concert. 😉

Sleep tight, and stay secure! 🔐

DOGE’s Disastrous Cybersecurity Slashes: An Open Bar for Nation-State Hackers

The Department of Government Efficiency (DOGE) has made a catastrophic decision—one that isn’t just political but a direct threat to national security. Without conducting a single interview, DOGE and the new administration fired hundreds of cybersecurity experts from key agencies, including:

  • The Department of Homeland Security (DHS)
  • The Cybersecurity and Infrastructure Security Agency (CISA)
  • The National Institute of Standards and Technology (NIST)
  • The National Science Foundation (NSF)

By gutting these critical roles, DOGE has rolled out the red carpet for cybercriminals, giving hackers from Russia, China, North Korea, Iran—and anyone with a laptop and bad intentions—free rein to attack America’s most sensitive systems.

DOGE is intoxicated with power it should not have, but it’s every American that is going to suffer the hangover.

A National Security Disaster

The agencies responsible for protecting Social Security benefits, tax returns, healthcare records, and even nuclear codes are now severely understaffed. This means:

  • Longer detection times – Breaches could go unnoticed for months or even years.
  • Weaker defenses – Cyberattacks will be harder to prevent and contain.
  • Increased financial and personal risk – Both individuals and businesses will be more vulnerable to cybercrime.

And this isn’t just hypothetical. China successfully hacked the U.S. Treasury Department, major telecom companies, and even former President Trump’s phone calls—for years—without being detected. That happened before these mass firings. Now? The situation is far worse.

Businesses Are in the Crosshairs Too

The private sector won’t be spared either. With fewer cybersecurity experts:

  • No coordinated threat-sharing – Attacks will spread unchecked between companies.
  • No elite response teams – Breaches will cause more damage and take longer to fix.
  • More ransomware attacks – Businesses will be forced to pay millions to cybercriminals.

Who exactly will stop the next Colonial Pipeline attack? The next United Health breach? The experts who saved those companies no longer work for the U.S. government.

What Can Be Done?

While DOGE continues its reckless power grab, Americans still have a voice. Here’s what can be done now:

If nothing is done, the next cyberattack won’t just be an inconvenience—it will be a full-scale crisis.

The warning signs are clear. The only question now is whether action will be taken before it’s too late.

If your organization needs help navigating the chaos, let’s talk

 

 

The Future of Online Security: How Passkeys Can Protect Your Loved Ones

When you cut through the technical jargon (which can sometimes feel a little intimidating or dull), cybersecurity boils down to one simple truth: it’s about safeguarding the people we care about most. That’s the heart of the advice I give to my two grown daughters—practical, no-nonsense tips to help them stay safe in an increasingly digital world. Today, I’m passing those same tips along to you so you can protect the ones you love, too.

Let’s talk about passkeys—the smarter, stronger, and safer alternative to traditional passwords. They’re designed for busy people who want top-notch security without the hassle.

Here’s everything you need to know about them and why they’re a game-changer for your digital safety:

Why Use Passkeys?

While passwords have served us well, they’re no longer enough to combat today’s sophisticated online threats. Passkeys offer a major leap forward in digital security by addressing the main flaws of traditional passwords:

  1. Phishing-Proof
    Phishing attacks—where scammers trick you into entering your password on fake websites—are among the most common online threats. Passkeys eliminate this risk entirely because:
    • You don’t manually enter them.
    • Only legitimate websites can validate passkeys.

In other words, a phishing site can’t steal what you never type.

  1. Breaks Bad Habits
    Many people reuse passwords across multiple sites or choose weak, easily guessable ones. Passkeys, however, are unique to each service, so:
    • No two services share the same login credentials.
    • There’s no temptation to reuse old, insecure passwords.

This automatic uniqueness ensures your accounts stay secure, even if one service is compromised.

  1. Data-Breach-Proof
    Even if a website is hacked, the public key stored on the site is useless to attackers without your private key. And because your private key never leaves your device, it can’t be exposed in a data breach.
  2. Convenient and Safe
    Passkeys offer the best of both worlds: they’re as secure as two-factor authentication (2FA) but without the extra hassle. With a passkey, you:
    • Log in with just your fingerprint, face, or PIN.
    • No longer need to manage complex passwords or remember dozens of logins.

How to Start Using Passkeys

Setting up passkeys is easier than you think. Follow these steps to integrate them into your digital life:

  1. Set up a passkey with major retailers like Amazon
  2. Set up a passkey with all of your banks (Wells Fargo)
  3. Set up a passkey for your Microsoft & Apple accounts 

Use Your Passkey Across Devices
Switching between devices is easier than ever. Sync your passkeys using cloud services like iCloud Keychain or Google Password Manager. This ensures you always have access to your accounts, no matter where you are.

Why Passkeys Are a Smart Choice
In today’s fast-paced world, security should be simple. Passkeys make online security easier by:
• Reducing the need to remember complex passwords
• Eliminating worries about phishing and data breaches
• Minimizing the risks associated with weak or reused passwords

For me, passkeys are an easy “yes.” They offer peace of mind while keeping my loved ones safe online. That’s why I’ve already encouraged my daughters to adopt this technology—and now, I’m encouraging you to do the same.

What’s Next? Start Protecting Your Loved Ones
Cybersecurity doesn’t need to be complicated or intimidating. By switching to passkeys, you’re taking a major step toward safeguarding yourself and your family from online threats.

Whether you’re helping your kids set up their first email account, securing your partner’s online banking, or simplifying your own digital life, passkeys are the key to a safer, smarter, and more convenient future.

Ready to get started? Next time you log into a service, look for the passkey option—it might be the best decision you make for your family’s online safety.

Ps. In case you missed it, make sure you’re also aware of the One Smartphone Security Tool You Might Be Missing

Cybersecurity Alert: UnitedHealth’s Billion Dollar Data Breach

One in three Americans recently had their healthcare data hacked from UnitedHealth – TWICE. The stolen data likely includes medical and dental records, insurance details, Social Security numbers, email addresses and patient payment information.

UnitedHealth Group’s subsidiary, Change Healthcare (which processes an estimated 50% of all health insurance transactions in the U.S.), fell victim to a ransomware attack that thrust the U.S. healthcare system into chaos as pharmacies, doctor’s offices, hospitals and other medical facilities were forced to move some operations to pen and paper.

Behind the scenes, UnitedHealth Group chose to pay the BlackCat ransomware gang (aka ALPHV) an estimated $22 million in blackmail ransom to restore system functionality and minimize any further leakage of patient data.

Problem (expensively) solved, right? Not even close. After UnitedHealth paid the initial ransom, the company (or quite possibly BlackCat itself being hacked by hackers) reportedly experienced a second attack at the hands of RansomHub, which allegedly stole 4TB of related information, including financial data and healthcare data on active-duty U.S. military personnel.

To take the breach and ransom to an entirely new level, RansomHub is now blackmailing individual companies who have worked with Change Healthcare to keep their portion of the breached data from being exposed publicly. For many small providers, the ransom is far beyond what they can afford, threatening the viability of their business. Some of the larger individual providers being blackmailed are CVS Caremark, MetLife, Davis Vision, Health Net, and Teachers Health Trust.

As of today, even with millions of dollars collected by the hackers, all systems are not up and running.

There are three critical business lessons to take from the UnitedHealth breach:

  1. Ransom payments do not equal the cost of breach. The ransom amount companies pay is a fraction of the total cost of breach. In UnitedHealth’s case, they paid a first ransom of $22 million, but only months into the breach have reported more than $872 million in losses. Operational downtime, stock depreciation, reputational damage, systems disinfection, customer identity monitoring, class action lawsuits, and legal fees will move the needle well beyond $1 billion within the fiscal quarter. Risk instruments like cyber liability insurance can balance the losses, but prevention is far more cost-effective.
  2. There is no honor among thieves. Even when organizations pay the ransom demanded, (and in the rare case that they get their data back fully intact), there is no guarantee that the cybercriminals won’t subsequently expose samples of the data to extort a second ransom. In this case of Double-Dip Ransomware (as I call it), a dispute among partnering ransomware gangs meant that multiple crime rings possessed the same patient data, leaving UnitedHealth open to multiple cases of extortion. Paying the ransom instead of having preventative recovery tools places a larger target on your back for future attacks. If you haven’t implemented AND tested a 3-2-1 data backup plan and a Ransomware Response Plan, do so immediately.
  1. The Human Hypothesis on the Source of Breach. There has been no disclosure to date on exactly how the hackers got into Choice Health’s systems, but my highly educated guess (from seeing so many similar breaches) is that an employee of, or third-party vendor to, UnitedHealth was socially engineered (scammed) to share access into one of their business IT systems. The company will generally report this human oversight and poor training as “compromised credentials” which tries to make it look like a technological failure rather than a human decision. From there, the hackers “island hopped” laterally to increasingly critical servers on the network. It’s likely that the cyber criminals are still inside of key systems, hiding behind sophisticated invisibility cloaks.

The solution here is to make sure that the heroes in your organization, the human employees who are your first and best line of defense, are properly trained on how to detect and repeal the latest social engineering attacks. Over 90% of all successful attacks we see are due to a human decision that leads to malicious access.

All organizations and leadership teams must ensure your Security Awareness Training addresses all the changes that artificial intelligence brings to the cyberthreat sphere. To ignore the alarm bells set off by UnitedHealth Group’s disastrous breach is to risk your organization falling ill to a similar fate.

Anyone in your organization can be the unfortunate catalyst that triggers a disastrous data breach similar to UnitedHealth’s. My latest keynote, Savvy Cybersecurity in a World of Weaponized A.I., teaches the root cause of successful social engineering scams and necessary technological preparation for ransomware attacks. REACH OUT TO MY TEAM TODAY to discuss this vital topic at your next meeting or event.

  1. If you are a patient of UnitedHealth, Change Healthcare, OptumRx or any of their subsidiaries, take the following steps immediately:
  2. Visit the Cyberattack Support Website that UnitedHealth Group established for affected customers.
  3. Make sure that you have a Credit Freeze on your Social Security Number.
  4. If you are an OptumRX customer, call them directly (1-800-356-3477) to make sure that your prescriptions haven’t been affected and that they will ship on time.
  5. Monitor all of your health and financial accounts closely for any changes or transactions. Create automatic account alerts to make this easier.

 

John Sileo is a privacy keynote speaker, award-winning author and media personality as seen all over TV. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado.

Tax Time Scams: Beware of ‘Accidental’ Deposits from the IRS

“YEAH for tax time!” – Said no one ever.

After years of agonizing tax preparation, you might think the universe is finally in your favor when you notice a surprise $20,000 pop up in your bank account. But before you book that vacation to Ibiza or run to the car dealership, pause and remember what you know to be true: If something seems too good to be true, it usually is.

Tax fraudsters will steal your personal information (typically from your tax accountant) and create fake documents that they submit to the IRS to ensure a hefty refund is deposited in your account. They then call or email you to let you know about this “mistake” and ask you to deposit the money back into an “IRS Collection Company” account. They will also pepper in threats like money penalties or jail time to try to get you to act as soon as possible before you can rationally assess the situation.

The first step to protect yourself against tax time scams is to make sure your tax accountant has the highest level of security for client information. It’s okay to ask questions about their cybersecurity and physical document security. An email or call leading with, “I heard about this scam and it just got me curious about your security protocols” is completely appropriate. After all, they work for YOU!

If you see the shady deposit in your account, call your bank immediately and they can help you navigate the situation. If the bank representative doesn’t advise you to close the account, do it anyway. Your information has been successfully stolen and you don’t want to chance it happening again. Yes, it’s an inconvenience, but it’s necessary for your safety and peace of mind.

The last tip to remember – and one that is vital to share with your loved ones, co-workers, etc. – is:

THE IRS WILL NEVER COMMUNICATE WITH YOU BY EMAIL OR PHONE.

All communication from the IRS is sent via direct mail. So, if someone from the IRS calls you, HANG UP! If they email you, SEND IT TO SPAM! If they text you, BLOCK THE NUMBER!

Most of us have the intuition to not be rude – especially to a government agency who can uproot your life – but when you are steadfast in your knowledge knowing how the IRS communicates, you will have confidence to make the right decision in these moments that raise our blood pressure and make it hard to think clearly.

These tax time scams prey on our fears of not being in good standing with the United States Government. But what these scammers aren’t taking into account is that your knowledge equals power and protection from their nonsense. Here’s a video about Hanging Up on IRS Phone Scammers. Stay safe, informed and, “Happy Tax Season!” – Said no one ever.

 

John Sileo is a privacy keynote speaker, award-winning author and media personality as seen all over TV. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado.

A.I. Deepfake Posing as the CFO Scams $25 Million: How to Protect Your Organization from the Exploding Deepfake AI Cyber Scam

Deepfakes use Artificial Intelligence (A.I) to create fake, hyper-realistic audio and video that is generally used to manipulate the viewer’s perception of reality. In most deepfakes, the legitimate person’s face or body has been digitally altered to appear to be someone else’s. Well known deepfakes have been created using movie stars and even poorly produced videos of world leaders.

Removing the malicious part of the definition, deepfakes have been used in the film industry for quite some time to de-age actors (think Luke Skywalker in The Mandalorian) or resurrect deceased actors for roles or voiceovers (think Carey Fisher in Rogue One – okay, can you tell I’m a Star Wars geek?). Cybercriminals have latched on to the technology, using AI-generated deepfakes in conjunction with business email compromise (also known as whaling and CEO fraud) to scam organizations out of massive amounts of money.

Just recently, a finance worker at an international firm was tricked into wrongly paying out $25 million to cybercriminals using deepfake technology to pose as the company’s Chief Financial Officer during a video conference. And it wasn’t just one deepfake! The fraudsters generated deepfakes of several other members of the staff, removing any red flags that it wasn’t a legitimate virtual meeting. As a subordinate, would you refuse a request from your boss that is made face-to-face (albeit virtually)? You might be savvy enough, but most employees aren’t willing to risk upsetting their boss.

The days of just sending suspicious emails to spam is no longer adequate. Our Spidey Sense (the B.S. Reflex I talk about in my keynotes) must be attuned to more than business email and phone compromise. We have entered the age of Business Communication Compromise, which encompasses email, video conferences, phone calls, FaceTime, texts, Slack, WhatsApp, Instagram, Snap and all other forms of communication. It takes a rewiring of the brain; TO NOT BELIEVE WHAT YOU SEE. AI is so effective and believable that workers may even feel like they are being silly or paranoid for questioning a video’s validity. But I’m sure as the employee who lost their organization $25M can attest, it’s way less expensive to be safe than sorry.

The solution to not falling prey to deepfake scams is similar to the tools used to detect and deter any type of social engineering or human manipulation. Empowering your employees, executives and customers with a sophisticated but simple reflex is the most powerful way to avoid huge losses to fraud. When you build such a fraud reflex, people will be less likely to ignore their gut feeling when something is “off.” And that moment of pause, that willingness to verify before sharing information or sending money, is like gold. These are the skills that I emphasize and flesh out in my newly-crafted keynote speech, Savvy Cybersecurity in a World of Weaponized A.I.

Get in touch if you’d like to learn more about how I will customize a keynote for your organization to prepare your people for the whole new world of AI cybercrime. Contact Us or call 303.777.3221.

Top 5 Cybersecurity Keynote Speakers for Your Event

cybersecurity keynote speaker John Sileo on stage

Cybersecurity Keynote Speakers are in High Demand

Cybersecurity is a critical issue for businesses and organizations of all sizes and industries and it is more important than ever to stay informed and educated on the latest threats and best practices for protecting sensitive information. One of the best ways to do this is by attending conferences and events where top cybersecurity experts share their knowledge and insights.

As a meeting professional, you have the opportunity to bring these experts to your own events and educate your audiences on the importance of cybersecurity. But not all cybersecurity keynote speakers command an audience in the same way, whether it be with expertise or entertainment. From the entertaining (Sileo), to the academic (Schneier), to the cutting edge (Krebs), to the human psychology (Barker), these are some of the top cybersecurity keynote speakers  that will have attendees talking about your event long after the lights go down:

  1. John Sileo (The Storyteller): John is a leading expert in the field of cybersecurity and data privacy, with two decades of experience stemming from having lost his multi-million dollar internet company to cybercrime. He helps organizations understand the latest threats to their sensitive and highly-profitable information and teaches the strategies they can implement to protect it. He combines real-world examples and personal anecdotes with the latest research and best practices, making his presentations both informative and engaging. John is known for his extensive interaction with the audience, including live hacking an audience-member’s smartphone to illustrate how easily cybercriminals can get into your banking, investment and work accounts through your phone. John has presented at hundreds of conferences, corporate events and government agencies, earning rave reviews from audiences of all sizes and backgrounds. His happy clients include the Pentagon, Amazon, and associations representing virtually every industry.
  2. Brian Krebs (The Reporter): Brian is an investigative journalist and the founder of KrebsOnSecurity, one of the most widely-read cybersecurity news websites. He has deep expertise in the areas of cybercrime and data breaches, and is a sought-after speaker on the topic for his first-class reporting on many of the technical aspects of cybercrime. Brian has written for publications such as The Washington Post and Wired, and has appeared on numerous television and radio programs. As a keynote speaker, Brian brings a wealth of cutting edge breach incidents that he uncovers or is alerted to.
  3. Bruce Schneier (The Technologist): Bruce is a renowned security technologist, author, and public speaker. He is the author of several books on cybersecurity, including “Data and Goliath” and “Applied Cryptography.” Bruce is a regular commentator on security issues in the media, a highly respected thought-leader in the cybersecurity community and a public-interest technologist, working at the intersection of security, technology and people. As a cybersecurity speaker, he is very comfortable diving into the more technical aspects of the topic.
  4. Kevin Mitnick (The Hacker): Kevin is a former hacker turned cybersecurity consultant, author and speaker. He is one of the most well-known figures in the cybersecurity world and his story is the subject of several books and films. Kevin’s presentations draw on his unique perspective and experiences to provide audiences with valuable insights into the world of hacking and cybercrime.
  5. Dr. Jessica Barker (The Psychologist): Jessica is a cyber-psychologist and the co-founder of Cygenta, a cybersecurity consulting firm. She is a highly sought-after speaker on the topic of human behavior and cybersecurity and has presented at conferences and events around the world. Jessica’s presentations focus on the psychological and social aspects of cybersecurity and how to create a culture of security within an organization.

These are some of the top cybersecurity keynote speakers in the industry and you can count on them being booked out months, if not years in advance. John Sileo stands out for remarkable story of losing everything to cybercrime and his ability to deliver complex concepts in a humorous way using his wealth of knowledge and experience in the field. He is a dynamic and engaging keynote speaker for hire who interacts constantly with your audience to make cybersecurity accessible and memorable. Visit his website at Sileo.com where you can find more information and schedule a speaking engagement.

Local Government Cyber Security: Our Next Big Threat