Kai Roer

Chief Research Officer, KnowBe4

Kai has been providing actionable advice founded on empirical evidence to public and private organizations around the world since the 1990’s. His work over the past decades has focused on helping organizations understand what culture they currently have, what culture they would like to have, and more importantly how to get there. Kai works with the information security community on a global stage to educate the importance and impact that security culture has.

In 2010, he created the Security Culture Framework (SCF), a framework and methodology to build and maintain security culture. Kai later gifted the SCF to the Open-Source community, and it evolved into several spin-offs, including the Cybersecurity Culture Framework by The European Union Agency for Cybersecurity (ENISA) in 2015.

Kai has authored and co-authored several books on leadership and technology. His popular book “Build a Security Culture” (IT-Governance, 2015) is widely considered as the guiding resource on the topic of security culture.

Before joining KnowBe4, Kai founded the security culture measurement company, CLTRe (pronounced culture), the world’s first SaaS-platform built to measure and manage an organization’s security culture. This new ability to measure security culture made it possible for organizations worldwide to understand exactly where and how to improve their security. KnowBe4 acquired CLTRe in 2019. After which, Kai built KnowBe4 Research, the research arm of KnowBe4, where he leads a team of researchers dedicated to improving the knowledge and understanding of the human factors that influence security.

Recognized by many as a leading global authority on the topic of security culture, he has received several awards, including the Ron Knode Service Award by the Cloud Security Alliance CSA for his extensive voluntary work in the security community around the world. Thanks to his invaluable contributions to the industryand his unique background that combines leadership, communication, and technology, Kai is a popular keynote speaker and guest lecturer. He focuses on presenting complex challenges in easy-to-understand language. He is also a frequent guest on podcasts, radio, and TV, where he explains security in ways that resonates with non-security people.

When Kai is not working, he enjoys riding his motorcycles, spending time in the outdoors, and BBQing with his family and friends.

You can connect with Kai on LinkedIn and Twitter.

Management Track

The Security Culture Maturity Model - an evidence based model to understand security culture

In his talk, Kai will elaborate on

  • What is a maturity model, and why is it helpful?
  • Some examples of maturity models in the security industry
  • The Security Culture Maturity Model - an introduction
  • The importance of an evidence based model: remove the guesswork
  • Evidence: how to use data points to navigate the model, including examples 
  • Applying the new model - what you can do now!