Below are some brief tips and links to tools you can use to have a successful security awareness month.
October is security awareness month, which is a great time to schedule activities company wide to facilitate the awareness of Information Security. It's also a great opportunity for security practitioners to (re) introduce ourselves to employees and contractors and have them put a face to the name.
Of course, make sure you clear these activities with your designated stakeholder. They may be aware of corporate meetings and activities that may work well with your plan.
Make sure your activities are FUN and ENGAGING.
Entice people to join and participate in your activities. See Swag & Rewards below for ideas.
Everyone is in slack! Use some of the methods below to facilitate.
Engagement should generally not exceed more than 2X/week.
Create a #security channel if not already
Cross-post informaiton in the #general
Get HR/PeopleOps heads up/buy in prior
Send an introduction to #general or #announcements channel, depending on the slack. Obtain permission before using @here or @channel
Send a slack poll periodically in public channels with interesting questions.
Make sure to TEST your setup properly before deploying.
Kahoot is a popular game.
Give away some things. Can be to participants, the whole company, or winners.
Rubber duckies
Stickers
T-Shirts
Mentions in Slack & Email, or at All-Hands
Leaderboards
Need help designing your security awareness program for October or the year? Need someone to design or MC a Hacker Jeopardy event for you? Get in touch!
Thank you for reading Last Week As A vCISO. This post is public so feel free to share it.
Reply