October Is Security Awareness Month
If you haven't done anything by now, feel free to take something from the playbook below. You can also do this year round. :)
Below are some brief tips and links to tools you can use to have a successful security awareness month.
October is security awareness month, which is a great time to schedule activities company wide to facilitate the awareness of Information Security. It's also a great opportunity for security practitioners to (re) introduce ourselves to employees and contractors and have them put a face to the name.
Of course, make sure you clear these activities with your designated stakeholder. They may be aware of corporate meetings and activities that may work well with your plan.
Make sure your activities are FUN and ENGAGING.
General Audience Activities
Entice people to join and participate in your activities. See Swag & Rewards below for ideas.
Everyone is in slack! Use some of the methods below to facilitate.
Engagement should generally not exceed more than 2X/week.
Create a #security channel if not already
Cross-post informaiton in the #general
Get HR/PeopleOps heads up/buy in prior
Introduce Security Awareness Month
Send an introduction to #general or #announcements channel, depending on the slack. Obtain permission before using @here or @channel
Slack Poll & Quizzes
Send a slack poll periodically in public channels with interesting questions.
Interactive Games and Events
Make sure to TEST your setup properly before deploying.
Kahoot is a popular game.
Engineer Specific Activities
Swag / Rewards
Give away some things. Can be to participants, the whole company, or winners.
Mentions in Slack & Email, or at All-Hands
Need Help Designing Your Program?
Need help designing your security awareness program for October or the year? Need someone to design or MC a Hacker Jeopardy event for you? Get in touch!
Thank you for reading Last Week As A vCISO. This post is public so feel free to share it.