Security Awareness Culture Change, Part 1 – Kelley Bray, Stephanie Pratt – SCW #69

Today we are going to take a look at security awareness training programs in organizations. We are joined to day by Kelley Bray and Stephanie Pratt who will help facilitate the discussion. We’ll start with the history and evolution of security awareness programs; what has worked, or more precisely what hasn’t worked. We’ll also touch on how most security awareness programs stem from compliance requirements but could be doing so much more.

The “Breaking Security Awareness” webinar: Visit for all the latest episodes!

Full Episode Show Notes

Security Awareness Culture Change, Part 1


Kelley Bray

Kelley Bray – Director, Client Success & Sr. Security Awareness Strategist at Living Security

For the better part of 10 years, Kelley has built training and awareness programs for the Federal Government, DoD and private sector. After delivering online and in-person training to hundreds of thousands of users worldwide, Kelley has tried all the tools and techniques, learned from valuable mistakes, and had a lot of fun celebrating security program success along the way. Her passion for this topic is fueled in equal parts by the rapidly changing risks that all users must combat, and the amount of technology that her 3 children have access to.

Kelley holds a Bachelor’s Degree from George Mason University and currently serves on the Board of Directors for the National Cybercrime Support Center. In her free time, she enjoys reading, gardening and spending time with her family.

Stephanie Pratt

Stephanie Pratt – Head of Content at Living Security


Stephanie Pratt is the Senior Security Awareness Content Manager at Living Security. She developed a passion for cybersecurity at Blackbaud where she created the company’s first-ever security awareness program. Her program included a champions program, phishing simulation, a monthly speaker series, and a robust cybersecurity awareness month. She earned her SANS Security Awareness Practitioner, SSAP, certification in July 2019. Before joining Blackbaud, Stephanie worked for more than a decade in broadcast journalism as a TV reporter in Oregon, South Carolina, New Hampshire, and New York. She holds a B.S. from Emerson College.


Jeff Man

Jeff Man – Sr. InfoSec Consultant at Online Business Systems


Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Josh Marpet

Josh Marpet – COO at Red Lion


COO of Red Lion
IANS Faculty
Blockchain Patent Holder
MISTI Instructor
Entrepreneurship Curmudgeon
Board Member BSidesDE
Board Member BSidesDC
Ex-cop and Fireman

Priya Chaudhry

Priya Chaudhry – Jedi Warrior Princess at ChaudhryLaw PLLC


Criminal Defense Trial Lawyer

Scott Lyons

Scott Lyons – CEO at Red Lion


CEO at Red Lion


  • Do you want to stay in the loop on all things Security Weekly? Visit to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!