AuthorHeather Howland

How to Balance Security with Risk Tolerance and User Experience


When trying to protect customer accounts, managing risk is a hot topic within organizations. In order to build and maintain customer loyalty, providing the best user experience is a high priority. But the best user experience can leave an organization at risk. Managing risk isn’t always about making threat models better or reducing false positives. In some cases you want to add friction when in...

[PODCAST] CISO Series Defense in Depth: User-Centric Security


“The ability to put security into the context of the user and in the flow of their regular interactions with your service makes it less necessary for you to have millions of security engineers to monitor what’s going on, because some of that is now in the hands of the consumer where they are able to make those better decisions.”  ~ Adrian Ludwig, Atlassian Getting Users Involved In...

Why Users Need to Be Central To Account Takeover Prevention

Credential Stuffing

Since posting my most recent blog on “I Am An Account Takeover Victim,” I have had many people respond to me with similar stories.  All of them named very well known brands that we are familiar with–companies offering global movie streaming, food delivery services, online software, banking, and more. Everyone ranted about the significant amount of time and frustration they went through...