When phishing click rates rose, Kraft Heinz CISO, Ricardo Lafosse, knew the organization was at a critical decision point. Traditional awareness training had failed, and it was time to try something bold. Join Lafosse as he chronicles the controversial implementation of "Phishing Jail," a radical remediation program that briefly made him the most hated person in the company, before ultimately transforming their security posture. This keynote will provide CISOs with candid lessons learned, including:

• Determining when radical and unpopular measures may be necessary
• Strategies for implementing high-impact, low-popularity security measures
• How to balance enforcement with incentives that drive behavioral change