The Analogies Project - Finding The Hidden InfoSec Story

   For all the IT pros out there who are responsible for security training, what do you do?  If you're like me, it's a struggle to get employees to listen to us or to even open the emails we send warning them of the coming Apocalypse.  Alright, maybe not the Apocalypse, but of what the new threat is to the business.  A lot of times, it feels like anything we say goes in one ear and out the other.

Someone clicked on a link...
didn't they??

   I have found a couple of resources that might help you.  The first one is called The Analogies Project - Finding The Hidden InfoSec Story.  This provides stories that helps explain the important topics for Information Security in easier to digest ways for employees.  While some of these stories can be quite long, they provide easier to understand analogies that us mighty IT pros understand with no need for translation!  Now the lowly user might truly understand why it's so damn important not to click on any link they see.. hopefully.

   As a bonus, I also wanted to share a video that might serve you well when dealing with yearly training of employees like I do.  Ugh... sometimes it feels like it's not even worth doing as they'll keep doing what they do because no one really punishes them when they do the wrong thing.  Anywho, one thing that I learned quickly when running training is to keep it as short as possible.  Please, just don't do a training session for an hour.  Most will probably fall asleep.  Try to keep it between 30-40 min, and avoid going into too much detail.  If you can, relate what you're talking about to recent events.  No point in discussing something over a few months old.  Lastly, consider showing this video at the end to wrap things up on a light note.  I've shown this in my Information Security training this year and it seems to have helped reinforce what I talk about.  I'm sure you'll get a good laugh out of it too, enjoy!

And as always, stay safe goblins.

SHARE

About Anonymous