Welcome to Episode 54 of The HockeyStick Show
I’m Miko Pawlikowski, and this week we explored the evolving world of cybersecurity with Robert Siciliano.
Robert, CEO of Protect Now LLC and creator of the Strategic Human Firewall, joined us to unpack how organizations can adapt to increasingly sophisticated threats. The conversation moved beyond tools and tactics into something deeper: how people, not just systems, define the strength of modern security.
Understanding the Human Firewall
We started with Robert’s core idea: the “human firewall.”
At its essence, it’s about transforming employees from passive liabilities into active defenders. Traditional firewalls filter traffic. Human firewalls filter intent.
Instead of relying solely on technical controls, this approach builds awareness, judgment, and instinct across the organization. Employees aren’t just following rules. They’re recognizing risk in real time.
Robert drew a sharp contrast with standard security training. Most programs focus on compliance and minimal engagement. His model pushes toward something more durable: personal ownership.
Security Awareness vs. Security Appreciation
One of the most important distinctions Robert made was between awareness and appreciation.
Awareness is surface-level. It means knowing the rules.
Appreciation goes further. It means understanding why those rules matter and acting accordingly.
He illustrated this with what he calls the “kitchen table effect.” When employees internalize security lessons deeply enough, they bring them home. They talk about them with family. They apply them in everyday life.
That’s when behavior actually changes.
Security stops being a corporate requirement and becomes a personal value.
AI: The New Frontier
We also spent time on AI and its impact on cybersecurity.
Robert was clear: AI raises the stakes. Deepfakes, synthetic voices, and hyper-personalized phishing attacks make deception more convincing than ever.
Old mass phishing campaigns are fading. What’s replacing them is precision targeting at scale.
But there’s a flip side.
This shift creates a moment to re-engage people. When threats feel more real and more personal, training can become more relevant. More urgent. More effective.
The Personal Touch
As the conversation wrapped, Robert emphasized a simple principle:
Security works best when it feels personal.
Titles don’t matter here. Whether you’re a CTO, CISO, or team lead, your role is to make security relatable.
That might mean sharing stories. Running discussions during all-hands meetings. Talking about real-world examples, including how these threats show up at home, not just at work.
When people see themselves in the problem, they start to care about the solution.
Taking Action
For organizations looking to improve, Robert suggested starting with a basic question:
How does security currently show up in your company?
If it feels like a checklist, that’s the problem.
Reframe it as something empowering. Something human.
Build training that invites participation. Encourage questions. Create space for real conversations instead of one-way instruction.
The goal is to make security part of the culture, not just a requirement.
Final Thoughts
Robert Siciliano’s perspective is straightforward but often overlooked.
Technology matters. But mindset matters more.
If people care, they pay attention. If they pay attention, they catch things machines miss.
Security isn’t just a systems problem.
It’s a people problem.
And that’s exactly where the opportunity is.
