Some may say that security awareness training isn't about being engaging. I could go either way that. One example I think sets an interesting tone is PagerDuty's awareness training that was made public (sudo.pagerduty.com, I believe).I also prefer to try not to talk down to the audience. I know we probably have the hardest time trying to get the lowest 10% pulled up and understanding things, but ... Try to instead give real insight for those that already know a little, and try to improve their own awareness and security even beyond the business. Haha i know what you mean by the either way comment.
Hey eddo1! Lisa Plaggemier recently joined our team here at InfoSec and specializes in this area (formerly ran the security training and awareness program for CDK Global). I think you'll find this presentation from her helpful: [snipped]
Is powerpoint still the go to software for presenting slides to an audience?Are there any other tools that you would recommend? I had seen Prezi recommended but have not tried it.
How do you reach people who have a negative reaction to anything security, usually because the idea that they are being purposely targeted to be scammed, robbed, or taken advantage of in some other way is a very fearful thing to them?
No joke, a talk from Lisa on YouTube was one of the things I had in mind in my first post! I had originally planned to mention talks from SANS or Defcon on security awareness, but couldn't find what I had seen. Then I recognized that name!
One of my big projects in the next few months will be working with the agency that did DYDN to create a video series for our clients.