Fixing Broken Security Training | DailyCyber 272 with Craig M. Taylor ~ Watch Now ~

In this episode of DailyCyber, I’m joined by Craig M. Taylor, Co-Founder & CISO at CyberHoot, who has spent nearly three decades building and leading security programs for organizations of all sizes.

Craig believes cybersecurity awareness should be short, engaging, and even fun—because punishment-based training and fear tactics don’t work.

🔐 What we discuss:

1️⃣ The Employee Factor – Why employees are still the #1 target – How to reduce human risk without blame

2️⃣ Why Traditional Training Fails – The psychology of why people click phishing emails – How behavioral science and gamification make training stick

3️⃣ Building a Cyber-Aware Culture – The leadership and culture shifts required – The biggest mistakes companies make in awareness programs

4️⃣ The SMB Security Gap – Why compliance ≠ security – Common blind spots in small and mid-sized businesses

5️⃣ AI & Phishing Evolution – How deepfakes, smishing, and vishing are changing the threat landscape – What to implement now for phishing-resistant authentication

🧠 Guest Bio: Craig M. Taylor is Co-Founder & CISO at CyberHoot, helping organizations eliminate risky employee behaviors with positive reinforcement security training. His background in psychology and decades of leadership at companies like Chase Paymentech, Vistaprint, and DXC Technology give him a unique edge in combining human behavior with cybersecurity strategy.

📌 Guest Info: 

🔗 https://cyberhoot.com/ 

🔗 https://www.linkedin.com/in/craigmtaylor/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen at: www.DailyCyber.ca

👇 Share your takeaways or questions in the comments.