Brahms and Liszt


Fueled by a lot of Brahms and a wee tot of rum, half an hour's idle brainstorming on the purpose and objectives for information security awareness generated the following little Liszt:
  • Rites, rituals
  • Rite of passage
  • Ritual slaughter
  • Religions
  • Belief systems 
  • Cult, visionary leader, positional power, faith
  • Sheep, lemmings
  • Wolves, packs, threats, skills
  • Group-think, conformity
  • Compliance, rules, constraints, in the box
  • Individuality, creativity, nonconformity, freedom, out of the box
  • Hippies, communes, cliques
  • Hallucinogens
  • Noncompliance
  • Cultural norms, expectations
  • Counter-cultural, bucking trends
  • Conventions, habits, preferences
  • Automatic behaviours, instincts
  • Socialising infosec
  • Social pressure, influence, shared values
  • Social acceptability
  • Social structures, hierarchies, links
  • Networks and relationships
  • Families, organizations, departments, teams, groups, cliques
  • Nations
  • Interactions
  • Dynamics
  • Pressures
  • Battles, wars, competition for scarce resources
  • Reproductive success
  • Change, complexity
  • Systems, chaos, unpredictability, risk
  • Structure, predictability, stability
  • Maturity, development, continuous improvement
  • Expertise, experience, knowledge, wisdom
  • Best practice
As presented above, you may be able to follow the logic but to be honest it didn't flow forth in that linear sequence so much as a seemingly random jumble of often disturbing thoughts - more nightmare than bedtime story. 

Re and they all lived happily ever after, I'm not at all sure where this is going. Several of those things are obscure, off-topic or taboo (hey, another bullet point!) but as to whether they might or might not be appropriate for inclusion in the Information Security 101 awareness materials I can't say at this point. It might be fun to elaborate on some of them, a creative challenge for sure and maybe just the thing to connect with audience segments that resist our more conventional approach to security awareness ... but think about your own reactions as you read the list: they might equally confuse or turn people away from the topic. 

The solution to this conundrum, hopefully, is to sleep on it.