SENIOR SECURITY INFLUENCER | SEEK
Kelsy Luengen
Kelsy Luengen is a Senior Security Influencer at SEEK, specialising in the messy, human side of cybersecurity. Her work focuses on how security is perceived, prioritised, and acted on within organisations. Blending behavioural science, change management, and cybersecurity, Kelsy designs campaigns, nudges, and engagement strategies that help organisations move from reactive, last-minute security to proactive, human-centred approaches. Her work centres on reframing security from a blocker into a business enabler, and bridging the gap between technical risk and real-world decision-making.
Kelsy has conducted doctoral research using randomised controlled trials and eye-tracking technology to study the behavioural economics behind cybercrime victimisation and how people detect, process, and respond to email-based threats. Prior to cybersecurity, she worked as an evidence-based criminological practitioner, with her research examining how to influence trust, decision-making, and voluntary compliance across a range of crime problems.
Presentation: Security Needs a Rebrand: Fixing the situationship between security and the business
Security is meant to be a partnership. And yet, in many organisations, it’s often better described as a situationship.
Security is seen as the function that slows things down, says “no,” and shows up too late with bad news. But in reality, security is the team that gets looped in too late, asked to “just sign off,” or quietly worked around until something goes wrong.
The result isn’t just friction, it’s misalignment. Strategy sets one direction, delivery moves at another pace, and security is left in a reactive state. Over time, this creates a pattern of last-minute escalations, ongoing exceptions, and risk decisions made without a clear view of their business impact.
This session reframes security not as a technical problem, but as a behavioural and structural one. Drawing on behavioural economics and change management, it explores:
- How the framing of cyber risk shapes (and sometimes distorts) executive decision-making;
- Why teams default to security as a blocker and reactive function, rather than a proactive partner; and
- How shared responsibility often turns into unclear ownership and missed accountability.
Through real-world examples, we’ll explore what it takes to move from reactive, exception-driven security model to one where security is designed into decisions from the start. This isn’t achieved through messaging alone, but by redesigning how organisations collaborate with security through decision-making, operations and delivery processes.
