digital self defense
TRANSCRIPT
![Page 1: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/1.jpg)
Pfizer Global Security Conference
Ben Woelk
ISO Program Manager
Rochester Institute of Technology
![Page 2: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/2.jpg)
Copyright © 2014 Rochester Institute of Technology
Presentation Overview
• Background
• Communications Plan Basics
• RIT Implementation
• Success?
• Discussion
![Page 3: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/3.jpg)
Copyright © 2014 Rochester Institute of Technology
BACKGROUND
![Page 4: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/4.jpg)
Copyright © 2014 Rochester Institute of Technology
My Background
• Corporate
• Higher Education
– ISO Office
– Adjunct
• Techcomm
• Computing Security
![Page 5: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/5.jpg)
Copyright © 2014 Rochester Institute of Technology
Rochester Institute of Technology
• RIT Environment– 18,000 students
– 3,500 faculty and staff
– International Locations
– ~40,000+ systems on the network at any given time
– Very skilled IT security students
![Page 6: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/6.jpg)
Copyright © 2014 Rochester Institute of Technology
RIT Information Security
• RIT ISO– 3 full time
• Information Security Officer
• Program Manager
• Sr. Forensics Investigator
– 1-4 student employees
• Mix of coop and part-time
• Risk Management, not Information Technology
![Page 7: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/7.jpg)
Copyright © 2014 Rochester Institute of Technology
COMMUNICATIONS PLAN BASICS
![Page 8: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/8.jpg)
Copyright © 2014 Rochester Institute of Technology
Communications Plan
• Benefits
– Systematic approach
– Repeatable
– Set and achieve goals
– Be proactive
– Be strategy driven, not event driven
– Strategic plan drives marketing/communications
plan
![Page 9: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/9.jpg)
Copyright © 2014 Rochester Institute of Technology
TechComm 101
• “We explain things” (R. J. Lippincott,
Intercom)
• Characteristics
– Interactive and adaptable
– Reader centered
• Personas
– Contextualized
– Concise
– Visual
– Cross cultural
![Page 10: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/10.jpg)
Copyright © 2014 Rochester Institute of Technology
RIT IMPLEMENTATION
![Page 11: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/11.jpg)
Copyright © 2014 Rochester Institute of Technology
Challenges
• Multiple audiences
• Messaging overload
• 30% annual turnover
• What, me worry?
• Dry/technical subject
![Page 12: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/12.jpg)
Copyright © 2014 Rochester Institute of Technology
Digital Self Defense Goals
• Inform the entire population about threats.
• Educate new members of the RIT community
on Information Security topics.
• Maintain current information outputs and
engagement on Information Security topics.
• Create new avenues for communication to
expand awareness of Information Security
office.
• Inform community of new Infosec initiatives
![Page 13: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/13.jpg)
Copyright © 2014 Rochester Institute of Technology
Target Audiences
![Page 14: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/14.jpg)
Copyright © 2014 Rochester Institute of Technology
Strategies
• Consistent outreach
• Creative/fun deliverables
• New communication channels
• “What’s in it for me?” fulfillment
– Emphasizing home use
– Easy-to-implement best practices
– Consequences of non-compliance
– Interactive elements
![Page 15: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/15.jpg)
Copyright © 2014 Rochester Institute of Technology
Security Awareness Plan
• Components
– Audience analysis
– Key messages
– Communications channels
– Calendar of promotions
– Develop relationships
![Page 16: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/16.jpg)
Copyright © 2014 Rochester Institute of Technology
Key Message
• Short and Simple
![Page 17: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/17.jpg)
Copyright © 2014 Rochester Institute of Technology
Calendar of Promotions
![Page 18: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/18.jpg)
Copyright © 2014 Rochester Institute of Technology
Monthly TopicsMonth Topic
June, July, August Pre-Semester, Start of Semester
September New Students, New Semester, New Threats
October Cyber Security Awareness Month
November No Click November
December Scams and Hoaxes
January Data Privacy Month
February Ph(F)ebruary Phish
March Mobile Device Madness
April Spring Cleaning
May Graduating to Good Passwords
![Page 19: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/19.jpg)
Copyright © 2014 Rochester Institute of Technology
Pre-Semester/Start of Semester
![Page 20: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/20.jpg)
Copyright © 2014 Rochester Institute of Technology
Communications Channels
• What’s the best vehicle?
![Page 21: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/21.jpg)
Copyright © 2014 Rochester Institute of Technology
Develop Relationships
![Page 22: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/22.jpg)
Copyright © 2014 Rochester Institute of Technology
RIT Infosec Website
![Page 23: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/23.jpg)
Copyright © 2014 Rochester Institute of Technology
RIT Social Media
![Page 24: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/24.jpg)
Copyright © 2014 Rochester Institute of Technology
Posters
![Page 25: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/25.jpg)
Copyright © 2014 Rochester Institute of Technology
Go Phish
https://www.pinterest.com/ritinfosec/playing-cards-by-rit-information-security/
![Page 26: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/26.jpg)
Copyright © 2014 Rochester Institute of Technology
Alerts and Advisories
• Message Center
Portal/email
• Ad hoc
• ~20 per academic
year
![Page 27: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/27.jpg)
Copyright © 2014 Rochester Institute of Technology
Move-in
![Page 28: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/28.jpg)
Copyright © 2014 Rochester Institute of Technology
New Student Orientation
![Page 29: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/29.jpg)
Copyright © 2014 Rochester Institute of Technology
Lightning Talks
• Six minute presentations
• Slides move every 18 seconds
• Topics
– Online reputation management
– Illegal file sharing
– Safe use of social media
– Security standards at RIT
![Page 30: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/30.jpg)
Copyright © 2014 Rochester Institute of Technology
DSD Lightning Talk
• https://youtu.be/ef5XMlfQPxs?t=1862
![Page 31: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/31.jpg)
Copyright © 2014 Rochester Institute of Technology
SUCCESS?
![Page 32: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/32.jpg)
Copyright © 2014 Rochester Institute of Technology
Evaluation Tools
• Internal survey tool
– Fall baseline
– Spring progress
![Page 33: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/33.jpg)
Copyright © 2014 Rochester Institute of Technology
Social Media Evaluation
![Page 34: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/34.jpg)
Copyright © 2014 Rochester Institute of Technology
External Evaluations
• Use with care
• Kred (2013)
– Influence (trust)
– Outreach (propensity to share)
• Klout (2009)
– Perceived social influence
![Page 35: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/35.jpg)
Copyright © 2014 Rochester Institute of Technology
Evaluate and Make Mid-Course Corrections• You will make mistakes
• Don’t be afraid to make a change
• Did it make a difference?
• Ways to evaluate
– Surveys
– Analytics
From austinevan
![Page 36: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/36.jpg)
Copyright © 2014 Rochester Institute of Technology
Key Success Factors
• What’s in it for them?
• Relevant at home as well as at work
• Reach them where they are
![Page 37: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/37.jpg)
Copyright © 2014 Rochester Institute of Technology
Resources
• EDUCAUSE
– Cybersecurity Awareness Resource Library
– Security Awareness Quick Start and Advanced
Guides
• W. K. Kellogg Foundation Template for
Strategic Communications Plan
• Richard Johnson-Sheehan Technical
Communication Today
• Society for Technical Communication
![Page 38: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/38.jpg)
Copyright © 2014 Rochester Institute of Technology
Contact Me
Ben Woelk
[email protected]; [email protected]
Benwoelk.com
@benwoelk
www.linkedin.com/in/benwoelk/
![Page 39: Digital Self Defense](https://reader031.vdocuments.us/reader031/viewer/2022031918/55a6bf611a28ab31688b46a6/html5/thumbnails/39.jpg)
Copyright © 2014 Rochester Institute of Technology
DISCUSSION