Mindfulness & Game Design in Cyber Security: Safe to Fail Systems - Lee Anderson | Ep. 162 episode artwork

EPISODE · May 10, 2026 · 21 MIN

Mindfulness & Game Design in Cyber Security: Safe to Fail Systems - Lee Anderson | Ep. 162

from The Iferia Techcast · host Ezekiel Iferia

Are your employees really the "weakest link" in your cybersecurity, or is your traditional training design setting them up for failure? In this episode, Ezekiel Iferia sits down with Lee Anderson, a cybersecurity expert with over 16 years of experience in social engineering and human risk behavior, to deconstruct how stress, distraction, and blame are undermining our digital defenses.Summary:Lee shares his journey from wanting to be an offensive "hacker" to developing a deep empathy for the human side of security. We dive into the fascinating neurology of phishing, exploring the physiological battle that happens in the human brain (amygdala vs. prefrontal cortex) when a user encounters a fear-based scam.Gabe challenges the traditional "blame and shame" punitive security cultures that treat users as potential threats. Instead, he explains how to build a security system that is "safe to fail," using psychological safety and trust as strategic assets. He outlines how tools often labeled as "soft," such as mindfulness, are actually crucial neurological breaks for skeptical users. Lee also breaks down how gamification (featuring his own game, "Hack Attack Defense") creates sticky security instincts and provides invaluable advice for engineers and UX designers on designing systems fit for highly stressed humans.In this episode, you’ll discover:* Why Lee shifted from technical offensive security to human-risk management.* The neurology of phishing: The battle between emotion and logic under stress.* The psychological failure of "soft skills" and why mindfulness is a neurological necessity for skepticism.* Game design as a security tool: Creating safe environments to fail and build trust.* Why punitive ("fear and blame") security cultures actually increase organizational risk.* The critical error of separating employees' personal digital lives from workplace security.* Designing for engineers: Practical advice on UX and managing cognitive load for secure behavior.* The one social engineering tactic that still works ridiculously well (and why we fail Milgram's test).* Innovation defined: Why dusting off human roots is our best defense against AI scams.Connect with Lee Anderson:* LinkedIn: https://www.linkedin.com/in/leeanderson/* Volunteer work: https://www.innocentlivesfoundation.org/Chapter Timestamps00:00 Welcome Lee Anderson: 16-Year Human Side Cyber Security Expert01:27 The Journey: From IST Degree to Challenging the "Weakest Link"03:09 Neurology of Phishing: Amygdala vs. Logical Prefrontal Cortex04:39 Mindfulness in Security: Soft Skill or Neurological Necessity?06:38 Design Systems Safe to Fail: Psychological Safety & Trust08:27 Why Punitive ("Blame and Shame") Security Cultures Increase Risk10:17 Whole Human View: Why Workplace and Personal Digital Lives cannot be Separated11:45 Gamification: Designing Games for Security Instincts (Hack Attack Defense)13:55 Rethinking approach: Moving from Offensive Hacking to Human Empathy15:33 Designing for Engineers: System Limitations & Cognitive Load17:14 Social Engineering Tactics: Why Authority Cards Still Work Ridiculously Well18:32 What Does Innovation Truly Mean to You? Dusting Off primal Human Roots.20:34 Connect with Lee Anderson & Outro

Are your employees really the "weakest link" in your cybersecurity, or is your traditional training design setting them up for failure? In this episode, Ezekiel Iferia sits down with Lee Anderson, a cybersecurity expert with over 16 years of experience in social engineering and human risk behavior, to deconstruct how stress, distraction, and blame are undermining our digital defenses.Summary:Lee shares his journey from wanting to be an offensive "hacker" to developing a deep empathy for the human side of security. We dive into the fascinating neurology of phishing, exploring the physiological battle that happens in the human brain (amygdala vs. prefrontal cortex) when a user encounters a fear-based scam.Gabe challenges the traditional "blame and shame" punitive security cultures that treat users as potential threats. Instead, he explains how to build a security system that is "safe to fail," using psychological safety and trust as strategic assets. He outlines how tools often labeled as "soft," such as mindfulness, are actually crucial neurological breaks for skeptical users. Lee also breaks down how gamification (featuring his own game, "Hack Attack Defense") creates sticky security instincts and provides invaluable advice for engineers and UX designers on designing systems fit for highly stressed humans.In this episode, you’ll discover:* Why Lee shifted from technical offensive security to human-risk management.* The neurology of phishing: The battle between emotion and logic under stress.* The psychological failure of "soft skills" and why mindfulness is a neurological necessity for skepticism.* Game design as a security tool: Creating safe environments to fail and build trust.* Why punitive ("fear and blame") security cultures actually increase organizational risk.* The critical error of separating employees' personal digital lives from workplace security.* Designing for engineers: Practical advice on UX and managing cognitive load for secure behavior.* The one social engineering tactic that still works ridiculously well (and why we fail Milgram's test).* Innovation defined: Why dusting off human roots is our best defense against AI scams.Connect with Lee Anderson:* LinkedIn: https://www.linkedin.com/in/leeanderson/* Volunteer work: https://www.innocentlivesfoundation.org/Chapter Timestamps00:00 Welcome Lee Anderson: 16-Year Human Side Cyber Security Expert01:27 The Journey: From IST Degree to Challenging the "Weakest Link"03:09 Neurology of Phishing: Amygdala vs. Logical Prefrontal Cortex04:39 Mindfulness in Security: Soft Skill or Neurological Necessity?06:38 Design Systems Safe to Fail: Psychological Safety & Trust08:27 Why Punitive ("Blame and Shame") Security Cultures Increase Risk10:17 Whole Human View: Why Workplace and Personal Digital Lives cannot be Separated11:45 Gamification: Designing Games for Security Instincts (Hack Attack Defense)13:55 Rethinking approach: Moving from Offensive Hacking to Human Empathy15:33 Designing for Engineers: System Limitations & Cognitive Load17:14 Social Engineering Tactics: Why Authority Cards Still Work Ridiculously Well18:32 What Does Innovation Truly Mean to You? Dusting Off primal Human Roots.20:34 Connect with Lee Anderson & Outro

NOW PLAYING

Mindfulness & Game Design in Cyber Security: Safe to Fail Systems - Lee Anderson | Ep. 162

0:00 21:46

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of The Iferia Techcast?

This episode is 21 minutes long.

When was this The Iferia Techcast episode published?

This episode was published on May 10, 2026.

What is this episode about?

Are your employees really the "weakest link" in your cybersecurity, or is your traditional training design setting them up for failure? In this episode, Ezekiel Iferia sits down with Lee Anderson, a cybersecurity expert with over 16 years of...

Can I download this The Iferia Techcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!