Quick Take
- Narration: Stephen Bel Davies handles Carpenter’s multidisciplinary synthesis with authority and good pacing; the delivery suits the book’s mix of behavioral science and practical security guidance.
- Themes: Human behavior and security culture, persuasion science in training design, organizational culture change
- Mood: Intellectually rich and constructive, more behavioral science seminar than technical manual
- Verdict: A genuinely standout resource for security professionals responsible for awareness training, one of the few books in this space that takes the human side seriously at the level of scholarship.
Perry Carpenter is a former Gartner analyst who spent years watching organizations deploy the same ineffective security awareness training year after year and asking why nobody seemed to be applying what communication science, behavioral economics, and organizational psychology had already figured out about how to actually change behavior. This book is his answer to that question, and it is a considerably more sophisticated answer than most of what occupies the security training literature.
I have read a lot of security books that invoke psychology as a vague gesture toward human factors and then get back to talking about phishing simulations. Carpenter actually engages with the source material: he cites Kahneman, he engages with nudge theory and behavioral economics, he draws on communication research about narrative and framing. The result is a book that reads like someone who has genuinely done the interdisciplinary homework rather than someone who read a Malcolm Gladwell book and felt qualified to describe human cognition.
The Problem This Book Is Actually Solving
The frustration Carpenter describes in the introduction, the sense that traditional security awareness training paradigms are producing compliance theater rather than genuine behavioral change, is one that every security professional responsible for a training program has felt. Annual click-through videos and phishing test percentages as the only metric are the predominant model across a huge portion of the industry, and everyone involved knows they are not working as intended. Carpenter’s diagnosis is that most security training programs are designed by people with security expertise but not with communication or behavior change expertise, and the solution is not to swap those skill sets but to combine them.
The book covers this ground through multiple disciplines simultaneously: communication theory, persuasion research, organizational culture management, employee engagement, and storytelling. The synthesis is tight enough that the multi-source structure does not feel like a literature survey but like an integrated framework. Reviewer Vladislav Shapiro describes the book as a path to becoming ‘a human behavior subject matter expert when it comes to designing, analyzing and executing successful’ security awareness initiatives, which is a fair characterization of its ambition.
The Carpenter Voice and How Davies Serves It
Carpenter writes with the specific authority of someone who has both studied a subject extensively and consulted on it across dozens of organizations. The prose is direct and practitioner-focused without being dry: he moves between theory and application fluently, grounding abstract behavioral science claims in specific training scenarios and organizational culture examples. Stephen Bel Davies’ narration serves this well. He is a strong audiobook narrator who matches his pacing to the material’s rhythm and does not over-dramatize a text that does not need drama. The 12-hour runtime passes more quickly than expected because the content earns sustained attention.
The PDF companion in the Audible library is worth having open alongside the audio, particularly for the chapters on training design frameworks. Several of the conceptual models Carpenter introduces are presented with visual diagrams that the narration references but cannot fully convey.
A Disclosure Worth Making
Reviewer Roger Grimes, who gave the book five stars and extensive praise, notes in his review that he knows and works with Carpenter personally and is acknowledged in the book. That relationship is worth disclosing because Grimes is a credible security professional, and his endorsement carries weight in the field. I mention it not to undercut the review but because understanding the network within which a book is being received is part of evaluating the signal in its early reviews. The consistent five-star rating from 107 reviews suggests the book’s reputation has extended well beyond Carpenter’s immediate professional network, which is the better evidence of genuine impact.
Who Should Listen, Who Should Skip
Security professionals who design, manage, or oversee awareness training programs will find this the most useful book they can invest time in for that specific function. CISOs building a security culture program from scratch, GRC analysts developing training curricula, and anyone responsible for measuring and improving human security behaviors will find the framework here immediately applicable.
Technical security practitioners who have no training or culture-change responsibilities will find the book interesting but less directly useful. The same is true for people approaching the security awareness problem from a purely compliance angle: Carpenter is explicitly challenging the compliance-first model, so listeners who need to defend that model will find this book more argumentative than they might prefer. Those who have already done extensive reading in behavioral economics and communication theory will find some familiar ground in the early chapters.
Frequently Asked Questions
Does this book require a background in behavioral science, or is it accessible to security professionals without that background?
Accessible to security professionals without a behavioral science background. Carpenter introduces the relevant concepts from communication theory, behavioral economics, and organizational psychology in context, explaining their relevance to security training as he applies them. Readers who already have a behavioral science background will find some familiar ground but will benefit from the security-specific application.
How important is the PDF companion that comes with the Audible version?
Fairly important for the training design framework sections. Several of Carpenter’s conceptual models are presented with diagrams that the narration references but cannot fully convey in audio form. Download the PDF from your Audible library and have it available for the chapters on awareness program design and measurement.
Is this useful for someone building a security awareness program from scratch, or is it better suited to improving existing programs?
Both. The book covers foundational principles that are as useful for program creation as for program improvement. The framework it builds applies regardless of how mature your existing program is, and the behavioral science grounding means the guidance is principle-based rather than prescriptive, which makes it applicable to a wide range of organizational contexts.
How does Stephen Bel Davies handle a 12-hour book covering multiple academic disciplines?
Very well. Davies is an experienced narrator who manages the book’s range from academic citation to practical guidance to organizational culture storytelling without the register shifts feeling jarring. The pacing is consistent and the 12-hour runtime does not feel punishing. This is one of the better narrator-material pairings in the security awareness space.