Re: Faculty Acceptance of Security Awareness Education?

[Allison Dolan <adolan () MIT EDU>]

WIthin the somewhat narrower context of protecting personal
information, we've had good success with the small group sessions.
Our 15-20 page slide deck can be covered in 20 minutes with no Q&A,
but if it is a departmental meeting or other similarly focused group,
we typically run a full hour, as people get engaged in talking about
how it applies in their area.  We talk from handouts (Powerpoint can
do 4 per page, so the paper issue isn't huge) - we found using
projectors decreased the audience engagement.  We bought some 'thanks
a million' chocolate bars from totallychocolate.com as a mini-reward
for attending the session.

Somewhat relatedly - I talked with a rep from Awareity about their
product MOAT - an entirely online tool (no HW/SW) which can deliver
'training'/awareness, as well as tracking who accessed and if they
passed an optional test.  It includes some of their own training/
awareness, but also allows for any user materials.  Seemed pretty
easy to use, robust, and not too pricey.   Anyone used them or
evaluated them and willing to share your findings (on or off list)?


Allison F. Dolan
Program Director, Protecting Personally Identifiable Information
Massachusetts Institute of Technology



On Nov 17, 2009, at 2:30 PM, Hugh Burley wrote:

> I began developing my own face-2-face program last winter.
> Initially I had about 200 potential slides and needed to figure out
> how to present core content in one hour.  With the assistance of a
> small group of ITS staff with training experience I set up an
> Information Security Awareness Training Team and managed to reduce
> the slide deck to its current length of 46 slides, which has become
> our Information Security Awareness Essentials presentation.