Back to all insights
Picture of Shane Brown

Shane Brown

FROM MARKETING TO CYBERSECURITY CHAMPION: HOW LISA PLAGGEMIER IS BRIDGING THE DIGITAL DIVIDE

FROM MARKETING TO CYBERSECURITY CHAMPION: HOW LISA PLAGGEMIER IS BRIDGING THE DIGITAL DIVIDE

Lisa Plaggemier runs the National Cybersecurity Alliance. She didn’t start by hunting vulnerabilities or writing code. She sold cars and built brands.

THE AUTOMOTIVE YEARS

Plaggemier graduated from the University of Michigan with degrees in marketing, psychology, and German. She joined Ford Motor Company in the late 1980s. Ford sent her to Africa, the Middle East, and Eastern Europe right after the Berlin Wall fell.

“I had 16 weeks of rigorous training that included engine and transmission training,” she said. They sent her to eastern North Carolina with a map and told her to “go get them.”

Working with car dealers taught her to question everything. “I honestly think that’s where I learned not to trust anybody. That was where I learned how to have a healthy suspicion.”

After a decade at Ford, she moved to CDK Global. This automotive technology provider served half a billion consumer records and 35,000 car dealerships. She was thriving in marketing when everything changed.

THE JEEP HACK

Summer 2015 became a turning point. Security researchers Charlie Miller and Chris Valasek remotely hacked a Jeep Cherokee. They took control of steering, brakes, and transmission while a journalist sat in the driver’s seat. Fiat Chrysler recalled 1.4 million vehicles.

Manufacturers scrambled to understand what connected vehicles meant for safety. CDK’s security team approached Plaggemier. They needed someone who could translate complex threats into language people understood.

“I met people on the security team, and then I realized, ‘Oh, these are my skeptics. These are my people who don’t trust anything at first glance,'” she told IT Brew.

Her marketing expertise became an asset. She joined CDK’s security team as Director of Security Culture, Risk, and Client Advocacy.

MAKING HACKERS RELATABLE

In 2017, Plaggemier needed to convince developers to take security training. Engineers often think they know everything.

Her presentation was titled “They’re Like Us.” She profiled real cybercriminals with impressive credentials. People with backgrounds similar to the coders in the room. The twist? These people had been arrested for cybercrimes.

“Two of the guys I picked actually had a company that was a DDoS mitigation company by day, but then by night, they DDoS you.”

By humanizing the adversaries, she made the threat tangible and personal.

MOVING UP

Plaggemier’s success caught attention. She became Chief Evangelist at InfoSec Institute. Then Chief Marketing and Strategy Officer at MediaPRO.

In 2020, MediaPRO appointed her to the National Cybersecurity Alliance Board. By July 2021, she became Executive Director.

THE NATIONAL CYBERSECURITY ALLIANCE

The National Cybersecurity Alliance was founded after 9/11 by Microsoft, Symantec, AT&T, Cisco, and the Department of Homeland Security. The mission: educate Americans about cyber threats.

The organization created Cybersecurity Awareness Month. October has been dedicated to this since 2004.

When Plaggemier took over, she brought fresh thinking. “Too many security people assume that because they’re passionate about security, and they care about this stuff, that everybody else cares.”

Her mission: make cybersecurity accessible, engaging, and actionable for everyone.

INNOVATION THROUGH COMEDY

In October 2023, NCA launched “Kubikle.” This 12 episode comedy web series follows cybercriminals in their “office.” Think “The Office” meets cybersecurity.

The series has over 19 million views. It uses humor to explain ransomware, romance scams, phishing, and multi factor authentication.

“Cybercrime often feels like this faceless, looming threat,” Plaggemier explained. “Kubikle is our way of putting a face to the threat to make the topic more approachable.”

The series won a CSO award.

BEHAVIORAL SCIENCE

Plaggemier champions evidence based approaches through the annual “Oh, Behave!” report. This research surveys thousands of people across the US, UK, Canada, and other countries about their cybersecurity attitudes and behaviors.

The findings are revealing. Over half of Americans fear becoming victims of cybercrime. Yet 39% feel frustrated and 37% feel intimidated by the process of staying secure online.

Understanding these psychological barriers helps the team design interventions that work.

TAILORED CONTENT

One size fits all approaches fail in cybersecurity education. Plaggemier has overseen content customized for different demographics.

For seniors who prefer printed materials, NCA created “Then and Now.” This workbook addresses real estate fraud and investment scams.

For young adults who stream content, there’s Kubikle.

The organization runs year round campaigns. Data Privacy Week around Valentine’s Day. Back to school security tips in September. Holiday shopping safety in November and December. AI literacy campaigns around April Fools’ Day.

SMALL BUSINESS FOCUS

Small businesses face unique challenges. They operate with limited resources while managing the same threats that plague large enterprises.

NCA partnered with CISA to create the Cyber Essentials Toolkit. This free resource gives small businesses a step by step approach to improving security.

The toolkit covers data backup strategies, multi factor authentication, password management, and employee training.

“We’re trying to help them understand that they’re a target too,” Plaggemier noted.

THE PSYCHOLOGY OF SECURITY

Plaggemier’s background in psychology shapes everything she does. She knows fear based messaging doesn’t work. People tune out when they feel overwhelmed or scared.

“We try to focus on the positive. Here’s what you need to do, and here’s why, and here’s how to do that.”

The “Oh, Behave!” reports reveal gaps between what people know they should do and what they do. 92% of people know they should use strong, unique passwords. Only 34% follow through.

Understanding this disconnect allows NCA to address real barriers: convenience, time, and perceived complexity.

CDK GLOBAL ATTACK

In June 2024, CDK Global suffered a massive ransomware attack. The hack crippled operations for 15,000 car dealerships across North America. Dealerships reverted to manual processes. They wrote up sales by hand for days.

The BlackSuit ransomware group demanded $25 million.

For Plaggemier, this brought her career full circle. The automotive industry where she built her security foundation was now dealing with one of the most significant supply chain attacks in its history.

BUILDING THE FUTURE

Plaggemier serves on numerous advisory boards and speaks at conferences worldwide. She advocates for recruiting people from diverse backgrounds into cybersecurity.

“There’s room for marketers, psychologists, educators, communicators,” she says.

Her own story proves this. The skills she developed selling cars translate directly to security awareness and education. Reading people. Building trust. Communicating complex ideas simply.

EMERGING THREATS

NCA addresses emerging threats under Plaggemier’s leadership. The 2024 “Oh, Behave!” report found that 65% of people now use AI tools. Most remain untrained on the risks.

Privacy remains a central concern. Data Privacy Week tackles personal information protection, digital footprints, and consumer rights.

Youth education programs teach digital citizenship, online safety, and ethical technology use. Starting early creates a culture of security awareness that follows people throughout their lives.

MEASURING WHAT MATTERS

Traditional security training focuses on compliance metrics. Did people complete the training? Did they pass the quiz?

Plaggemier pushes for different measures. Behavior change over time. Reduction in successful phishing attempts. Increase in reported suspicious activity. Adoption of security tools.

Resources are designed to be useful, not to fulfill regulatory requirements.

KEY LESSONS

Plaggemier’s work offers lessons for communicating complex topics:

Know your audience. What works for developers doesn’t work for executives. What resonates with teenagers doesn’t connect with retirees.

Make threats relatable. Abstract concepts don’t motivate action. Personal stories and real examples help people understand why security matters.

Focus on empowerment, not fear. Scare tactics lead to fatigue and disengagement. Help people feel confident they have the power to protect themselves.

Use multiple channels. Some people prefer video. Others want written guides. Some respond to humor. Others need data. Offer variety.

Measure what matters. Compliance metrics don’t tell you if people are safer. Track behaviors, attitudes, and real-world outcomes.

Build partnerships. Collaborate with others who share your goals. Pool resources and amplify messages.

Keep learning. The threat environment changes. Technology develops. People’s attitudes shift. Stay current and adapt.

THE IMPACT

Lisa Plaggemier’s impact extends beyond the National Cybersecurity Alliance. She has influenced how the industry thinks about awareness, training, and human factors in security.

Her path from selling Fords to leading national cybersecurity education shows that career changes are possible. Your previous experience isn’t wasted. Skills transfer in ways you might not expect.

For organizations struggling to get employees to care about security, Plaggemier’s work offers a blueprint. Stop assuming people share your passion. Make information relevant to their lives. Use stories, humor, and real examples. Respect their time and attention.

THE BOTTOM LINE

In an industry dominated by technical credentials, Lisa Plaggemier represents a different path. She brings marketing savvy, psychological insight, and storytelling talent to the challenge of making cybersecurity accessible.

The biggest security challenge isn’t technology. The biggest challenge is people. Getting people to care, understand, and take action requires different skills than configuring firewalls or analyzing malware.

Attackers exploit human psychology. They use social engineering, phishing, and manipulation. Defending against these threats requires addressing the human element.

Through comedy series, behavioral research, tailored education programs, and partnerships, Plaggemier and NCA are changing how America thinks about online safety.

Her message is clear: cybersecurity belongs to everyone. You don’t need a degree in computer science to protect yourself online. You need good information, practical tools, and the confidence to use them.

more insights

When the Hacker Was an Algorithm

February 2, 2026

When the Hacker Was an Algorithm: Inside the First AI-Orchestrated Cyber Espionage Campaign In September 2025, Anthropic security engineers spotted something wrong in their system

Read more >

The Phantom Hacker

January 30, 2026

The Phantom Hacker: Dylan Wheeler Got Away With $100 Million in Cybercrime Four teenage hackers stole over $100 million from Microsoft, Epic Games, and the

Read more >

ClawdBot/Moltbot

January 27, 2026

ClawdBot/Moltbot: When Viral AI Tools Become Security Nightmares ClawdBot exploded onto the tech scene in January 2026. Within three days, the open-source AI assistant rocketed

Read more >