Making Information Security Fun

Ben Woelk, Policy and Awareness Analyst, Information Security Office, Rochester Institute of Technology, 585.475.4122, [email protected]

Upload: ben-woelk-cissp

Post on 08-May-2015



DESCRIPTION

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

TRANSCRIPT

Page 1: Making Information Security Fun

Ben Woelk
Policy and Awareness Analyst
Information Security Office
Rochester Institute of Technology
585.475.4122
[email protected]

Making Information Security Fun

Page 2: Making Information Security Fun

Introduction—the Problem

• Everyone is a target
• Identity theft is big business

• You can’t rely on others to protect you


Page 3: Making Information Security Fun

Avert Labs Malware Research

Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/

Page 4: Making Information Security Fun

Phishing on Social Network Sites

http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf


Page 5: Making Information Security Fun

Solution

• We needed a plan
  – Systematic repeatable
  – Goals
  – Proactive

Page 6: Making Information Security Fun

Components of a Plan

• Audience analysis
• Key messages
• Channels
• Calendar
• Relationships

Page 7: Making Information Security Fun

What are Our Key Messages?

• Data handling
• Mandatory compliance
• Phishing, Social engineering
• Protecting IP/Research

Page 8: Making Information Security Fun

RIT Profile

Rochester Institute of Technology, founded 1829

• ~18,000 students, mainly residential
• 10% international
• 1300+ deaf or hard of hearing (NTID)
• ~3000 faculty and staff

Respected leader in professional and career-oriented education

Eight colleges, 80 majors, 3600 co-op students yearly

Page 9: Making Information Security Fun

Branding

Consistency

Page 10: Making Information Security Fun

Web Presence

• Use official university communications channels

• Target messages to faculty, staff, and/or students

Page 11: Making Information Security Fun

Social Media

• Meet students where they are
• Post directly from Facebook to Twitter

Page 12: Making Information Security Fun

Private Information Management

Page 13: Making Information Security Fun

Phishing Awareness

• Temporarily reduced response rate from ~25 per attempt to ~4 per attempt

Page 14: Making Information Security Fun

Orientation

Page 15: Making Information Security Fun

Faculty

• Participate in faculty events
• Hit hot topics

Page 16: Making Information Security Fun

Practice Digital Self Defense


@RIT_Infosec
www.facebook.com/RITInfosec
Security.rit.edu