October Is Security Awareness Month
If you haven't done anything by now, feel free to take something from the playbook below. You can also do this year round. :)
Below is a literal cut and paste from my internal playbook to my consultants to help make security awareness month a little more fun. I’m always expanding it, but wanted to share it with you. If you have any fun activities you’d like to share, feel free to comment below.
October is security awareness month, which is a great time to schedule activities company wide to facilitate the awareness of Information Security. It's also a great opportunity for us to (re) introduce ourselves to employees and contractors and have them put a face to the name.
If you are the Lead vCISO for a client, you are expected to conduct and facilitate some of these activities.
Of course, make sure you clear these activities with your designated stakeholder. They may be aware of corporate meetings and activities that may work well with your plan.
Make sure your activities are FUN and ENGAGING. If you don't have the stomach or creativity for such activities, please contact @Ayman Elsawah or anyone else for help. We'd be happy to help you.
General Audience Activities
Entice people to join and participate in your activities. See Swag & Rewards below for ideas.
Everyone is in slack! Use some of the methods below to facilitate.
Engagement should generally not exceed more than 2X/week.
#general for short
Introduce Security Awareness Month
Send an introduction to
#announcements channel, depending on the slack. Obtain permission before using
Slack Poll & Quizzes
Send a slack poll periodically in public channels with interesting questions.
Interactive Games and Events
Make sure to TEST your setup properly before deploying.
JeopardyLabs - Online Jeopardy Template
COSMOBUZZ - Online Multiplayer Buzzer
Kahoot is a popular game.
Engineer Specific Activities
CTFd : The Easiest Capture The Flag Framework
Swag / Rewards
Give away some things. Can be to participants, the whole company, or winners.
Mentions in Slack & Email, or at All-Hands