Tuesday, September 15, 2015

Bring It On Home

   I'm giving a presentation at the Twin Cities ISSA Security Awareness SIG.  I'll be talking about a number of different methods I've used over the years to create buzz and interest about security and make topics accessible to everyone.

   I was planning to refer to one of my earliest blog posts, covering my general philosophy on this topic.  But... going through past posts it appears that, while I've alluded to the ideas, I never actually wrote the post!  So I'll do that now!

   Like the song says, I try to bring it on home.  I find that while people do want to understand security rules at work, when we start talking about things like home computers, smart phones and family internet safety, then we get peoples' attention.

   And that's a great thing!  For a bunch of reasons:
  • When people think about protecting themselves and family and data, it helps them remember that in the office we are protecting customers'/patients'/users' privacy and data.
  • Security needs the eyes and ears of all staff to help us know what is going on.  Security Awareness focusing on personal topics helps open the communication channels to the security team.  We're not so scary! :-)
  • When staff understand more about how security topics can help them, we gain real evangelists.
   And yet there is still controversy about the usefulness of Security Awareness.  But I think it's one of the most important and useful things we can do to help secure our environments.

   Here's a link to the slides from my presentation.

   And here are a few of my past favorite security awareness posts:
   If you are a computer use, what are some topics you'd like to learn more about?

   If you are an information security professional, what tips and techniques would you like to share?

1 comment:

  1. Thanks for the ISSA webinar Barry - definitely thought provoking, in fact I've written a piece on my blog , prompted by some of the things you said: see http://blog.noticebored.com/2015/11/security-awareness-without-resources-5.html

    Kind regards, Gary