A-to-Z of outsider threats

I love it when a plan comes together!  

We're close to completing the 'outsider threats' security awareness module for September, checking and finalizing the materials. Things are getting tense as the IsecT office clock ticks away the remaining hours.

Normally, we develop awareness briefings for each of the three audience groups from the corresponding three awareness seminar slide decks, using the graphics and notes as donor/starter content and often following a similar structure. 

Having finished the staff seminar this morning, I anticipated using that as the basis for a staff briefing as usual ... but, on reflection, I realized that we have more than enough content to prepare a lengthier A-to-Z guide to outsider threats instead. 

The sheer number and variety of outsider threats and incidents is itself a strong awareness message. Listing and (briefly) describing them in an alphabetical sequence makes sense. 

This will be an interesting read for awareness and training purposes and, I believe, a useful reference document - essentially a 'threat catalog' to help identify and assess the information risks relating to outsiders and other external threats. 

If your current list of outsider threats and risks has only a handful of entries, you should expect to be caught out by any of the dozens you have failed to consider.

Preparing it sounds great in theory but potentially it's too much work for the little time remaining ... except that I had the foresight to prepare a Word template for the A-to-Z guides from the last one we prepared. Now 'all I have to do' is paste in lists of threats and incidents already written in other awareness materials, click the magic button to sort them alphabetically, apply the Word styles to make the whole product look presentable then check it through for consistency. OK so there's a bit more to it than that but it's coming along rapidly and will be done in time. Having written about 9 pages so far, I'm taking a break after some 9 hours' intense concentration, resting and hoping not to wake up at 2 or 3 am with a head full of it!  It needs about 2 or 3 more hours' work in the morning to complete the remaining 2 or 3 pages (spot the formula!). At least, that's the plan.

When it's all done, maybe we could offer it for sale as a combined awareness/training piece and outsider threat catalog through the SecAware website: what do you think?  Is it something that would interest you dear reader? Would you be prepared to invest a few dollars for immediate download? Our subscribers will receive it as part of their subscription, naturally, but I think it has some potential and value as a standalone product for wider readership. 

Failing that, we might just release it as a freebie for marketing purposes, or seek to get it published in one of the trade journals. Or sit on it, updating it from time to time as inspiration strikes. We'll see how it goes.  

For now, though, I'm all in and off to bed to recharge my flagging grey matter for the final slog.