Inform and motivate

The malware encyclopedia destined for inclusion in our next awareness module is coming along nicely ...




It's interesting to research and fun to write in an informative but more informal style than the glossary, with several decidedly tongue-in-cheek entries so far and a few graphics to break up the text.

I guess it will end up at about 20 pages, longer than usual for a general security awareness briefing but 100% on-topic. There's a lot to say about malware, being such a complex and constantly evolving threat. I hope the relaxed style draws readers in and makes them think more carefully about what they are doing without being too do-goody, too finger-wagging. Prompting changes of attitudes and behaviors is our aim, not just lecturing the troops. Awareness and training is pointless if it's not sufficiently motivational.

PS After trimming out the more obscure entries, it worked out at 11 pages plus the cover page.

Popular posts from this blog

Pragmatic ISMS implementation guide (FREE!)

Two dozen information risks that ISO forgot

Philosophical phriday - compliance risk

ISMS internal audit priorities

Reading between the lines of ISO27001 [L O N G]

Passionate dispassion

45 ISO Management Systems Standards

Philosophical phriday - a noncompliance ramble

Adaptive SME security Crowdstrike special