-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A few thoughts from my experiences with this...
The moment you put the words "security" or "computer" into the subject of the
lunch n' learn
people's interest levels plummet. The most successful ones I've run have
surreptitiously hidden
their true intentions by putting some sort of spin on it. For certain topics,
you might find the
technical segment of your workforce showing up because of the cool factor, but
attracting the
remainder is a bit more difficult, especially for the SMB market. Web security
discussions and live
penetration demos attract the tech savvy but leave the rest utterly
disinterested. Leave those for
lunches specifically intended for that audience.
Rather than a title like "Computer Security Basics", use a title like "Keeping
Your Children Safe
Online", or rather than "Real-world Dangers of Identity Theft", use something
like "Safe Online
Shopping for the Holiday Season". Of course, you'd need to tailor your talking
and/or discussion
points to cater to the more creative subjects, but the core lessons remain the
same; it's all about
spin doctoring it.
A few of the most successful lunch n' learns I've hosted include "Keeping Your
Children Safe
Online"(I did a six month series on that one), "Online Shopping Tips for the
Technologically
Challenged", and "Facebook Privacy Controls". Several times I've also covered
current events; I did
a quite successful Melissa virus explanation back in the day. Doing current
events connects the
subject to something real-world in most people's minds. The discussions and
questions always allow
me to get the same point across that I would with a "Computer Security Basics"
meeting, but with a
far more receptive and varied audience.
Don't count on an accurate attendance list. People rarely commit to lunch n'
learns, many who don't
will show up, and many who do, won't. They're useful only as a way to guage
interest. If you find a
sweet spot subject, see if you can turn it into a series of meetings. And
always provide lunch.
If you're having trouble finding a way to twist the subject matter to appeal to
people, see if your
HR or PR people (or even lawyers if you have them on staff) can help. Not only
are they experts at
making the unappealing more appealing, they are also the target audience
usually missed by these
things and can speak for a lot of people. If you can find a second person to
host these with, give
that a try as well. I always find lunch n' learns more interactive with two
presenters. I guess it
appears less like a soapbox lecture if you're not alone.
On 10-12-15 11:57 AM, Aaron wrote:
> I've been tossing this idea around for a while now and I want to reach out to
> this group for
> thoughts and suggestions. I know a lot of us work in the small/medium
> business arena but some are
> also in very large enterprises. Regardless of where we work or the size of
> the organization, I think
> as a group we continually are trying to educate users and each other about
> security (albeit not
> always successfully). Whether it's physical security of ones home, data
> security on a personal or
> work computer, or even social engineering security.
>
> My plan is this; at places I work or consult for, offer an opportunity to
> discuss security related
> concerns with the staff at a lunch once per month. Obviously lunch would be
> provided. I don't
> necessarily want this to be a "meeting" where I or someone else gets up and
> preaches for 30 or 45
> minutes but an actual discussion. Find out what questions and concerns people
> have not only about
> work-related items but in day-to-day things. Obviously this would necessitate
> the solicitation of
> ideas, concerns, and interests from those attending the meeting prior to the
> event.
>
> So to my point. Has anyone been to one of these sorts of things or put one
> on? If so, how did it go?
> Did it seem to be well received? Were people interested in it or did they
> look at it as YAM (Yet
> Another Meeting)?
>
> Thoughts, suggestions, criticisms, all welcome. If things work out the way I
> hope they will I'm
> considering putting together a site where a framework can be built for this
> sort of thing. Maybe
> have notes, how to plan, and how to run one of these Lunch & Learns.
>
> Thanks for your time!
>
> Aaron
> (subdriven)
- --
Kenneth Voort - kenneth {at} voort <SPAMGUARD> {dot} ca
FDF1 6265 EBAB C05C FD06 1AED 158E 14D6 37CD E87F | pgp encrypted email
preferred
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAk0JDxAACgkQFY4U1jfN6H/CBQCcDkiO2t5Hg4y/eAa6wsNTsciw
OcgAoJReKsMUC7rDnAZdfWyKuTGEVw9k
=1LiL
-----END PGP SIGNATURE-----
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
