Cyber Security Awareness Month - Daily Topics
October is Cyber Security Awareness Month and the Internet Storm Center is going to focus on one security awareness subject per day. We plan to provide useful information for information security professionals who want to educate their users but do not have a ready set of awareness tips.
We asked for your ideas and boy did you have some good ones. To all of our readers who sent in hundreds of ideas over the past two weeks, thanks very much! It took a bit of work but I think we've got about 95% of the topic suggestions covered. Below is the list of topics by week and day that we will use them in October. As you'll see, the first week focuses on tips for getting the message out to your users. Subsequent weeks focus on specific topics.
We need your help beginning this weekend and continuing through the month of October. If you would like to submit a tip, please use our contact form and be sure to put something in the subject like "Security Tip, day 15" to make it easier for us to sort them. Keep your tips brief and to the point, and remember that the audience is the end user, not your sysadmins or netops geeks.
1. Establishing a User Awareness Training Program
1 Penetrating the "This Does Not Apply To Me" Attitude
2 Multimedia Tools, Online Training, and Useful Websites
3 Getting the Boss Involved
4 Enabling the Road Warrior
5 Social Engineering and Dumpster Diving Awareness
6 Developing and Distributing Infosec Policies
2. Best Practices
7 Host-based Firewalls and Filtering
8 Anti-Virus, Anti-Spyware, and Other Protective Software
9 Access Controls, Including Wireless, Modems, VPNs, and Physical Access
10 Authentication Mechanisms (Passwords, Tokens, Biometrics, Kerberos, NTLM, RADIUS)
11 File System Backups
12 Managing and Understanding Logs on the Desktop or Laptop (AV, Firewall, or System Logs)
13 Patching and Updates
3. Hardware/Software Lockdown
14 Data Encryption
15 Protecting Laptops
16 Protecting Portable Media like USB Keys, iPods, PDAs, and Mobile Phones
17 Windows XP/Vista Tips
18 Mac Tips
19 Linux Tips
20 Software Authenticity (Digital Signatures, MD5, etc.)
4. Safe Internet Use
21 Understanding Online Threats, Phishing, Fraud, Keystroke Loggers
22 Detecting and Avoiding Bots and Zombies
23 Using Browsers, SSL, Domain Names
24 Using Email, PGP, X.509 Certs, Attachments
25 Using Instant Messaging and IRC
26 Safe File Swapping
27 Online Games and Virtual Worlds
5. Privacy and Protection of Intellectual Property
28 Cookies
29 Insider Threats
30 Blogging and Social Networking
31 Legal Awareness (Regulatory, Statutory, etc.)
Marcus H. Sachs
Director, SANS Internet Storm Center