Re: Lunch and learn

[Tim Krabec <tkrabec () gmail com>]

Good Points Ken,
KISS(Keep It Simple Stupid) & WIIFM (What's In It For Me) are 2 things we
need to keep in mind.

To all:
We're tentatively planning a skype conference call 1st Wed in January 2011
due to travels & Holidays.  I'll start a google doc to track Ideas until
then.

email/twitter/etc me if you want in


On Wed, Dec 15, 2010 at 1:55 PM, Kenneth Voort <listbounce-01 () voort ca>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> A few thoughts from my experiences with this...
>
> The moment you put the words "security" or "computer" into the subject of
> the lunch n' learn
> people's interest levels plummet. The most successful ones I've run have
> surreptitiously hidden
> their true intentions by putting some sort of spin on it. For certain
> topics, you might find the
> technical segment of your workforce showing up because of the cool factor,
> but attracting the
> remainder is a bit more difficult, especially for the SMB market. Web
> security discussions and live
> penetration demos attract the tech savvy but leave the rest utterly
> disinterested. Leave those for
> lunches specifically intended for that audience.
>
> Rather than a title like "Computer Security Basics", use a title like
> "Keeping Your Children Safe
> Online", or rather than "Real-world Dangers of Identity Theft", use
> something like "Safe Online
> Shopping for the Holiday Season". Of course, you'd need to tailor your
> talking and/or discussion
> points to cater to the more creative subjects, but the core lessons remain
> the same; it's all about
> spin doctoring it.
>
> A few of the most successful lunch n' learns I've hosted include "Keeping
> Your Children Safe
> Online"(I did a six month series on that one), "Online Shopping Tips for
> the Technologically
> Challenged", and "Facebook Privacy Controls". Several times I've also
> covered current events; I did
> a quite successful Melissa virus explanation back in the day. Doing current
> events connects the
> subject to something real-world in most people's minds. The discussions and
> questions always allow
> me to get the same point across that I would with a "Computer Security
> Basics" meeting, but with a
> far more receptive and varied audience.
>
> Don't count on an accurate attendance list. People rarely commit to lunch
> n' learns, many who don't
> will show up, and many who do, won't. They're useful only as a way to guage
> interest. If you find a
> sweet spot subject, see if you can turn it into a series of meetings. And
> always provide lunch.
>
> If you're having trouble finding a way to twist the subject matter to
> appeal to people, see if your
> HR or PR people (or even lawyers if you have them on staff) can help. Not
> only are they experts at
> making the unappealing more appealing, they are also the target audience
> usually missed by these
> things and can speak for a lot of people. If you can find a second person
> to host these with, give
> that a try as well. I always find lunch n' learns more interactive with two
> presenters. I guess it
> appears less like a soapbox lecture if you're not alone.
>
> On 10-12-15 11:57 AM, Aaron wrote:
> > I've been tossing this idea around for a while now and I want to reach
> out to this group for
> > thoughts and suggestions. I know a lot of us work in the small/medium
> business arena but some are
> > also in very large enterprises. Regardless of where we work or the size
> of the organization, I think
> > as a group we continually are trying to educate users and each other
> about security (albeit not
> > always successfully). Whether it's physical security of ones home, data
> security on a personal or
> > work computer, or even social engineering security.
> >
> > My plan is this; at places I work or consult for, offer an opportunity to
> discuss security related
> > concerns with the staff at a lunch once per month. Obviously lunch would
> be provided. I don't
> > necessarily want this to be a "meeting" where I or someone else gets up
> and preaches for 30 or 45
> > minutes but an actual discussion. Find out what questions and concerns
> people have not only about
> > work-related items but in day-to-day things. Obviously this would
> necessitate the solicitation of
> > ideas, concerns, and interests from those attending the meeting prior to
> the event.
> > So to my point. Has anyone been to one of these sorts of things or put
> one on? If so, how did it go?
> > Did it seem to be well received? Were people interested in it or did they
> look at it as YAM (Yet
> > Another Meeting)?
> >
> > Thoughts, suggestions, criticisms, all welcome. If things work out the
> way I hope they will I'm
> > considering putting together a site where a framework can be built for
> this sort of thing. Maybe
> > have notes, how to plan, and how to run one of these Lunch & Learns.
> >
> > Thanks for your time!
> >
> > Aaron
> > (subdriven)
>
> - --
> Kenneth Voort - kenneth {at} voort <SPAMGUARD> {dot} ca
> FDF1 6265 EBAB C05C FD06 1AED 158E 14D6 37CD E87F | pgp encrypted email
> preferred
> -----BEGIN PGP SIGNATURE-----
>
> iEYEARECAAYFAk0JDxAACgkQFY4U1jfN6H/CBQCcDkiO2t5Hg4y/eAa6wsNTsciw
> OcgAoJReKsMUC7rDnAZdfWyKuTGEVw9k
> =1LiL
> -----END PGP SIGNATURE-----
>  _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com



-- 
Tim Krabec
Kracomp
772-597-2349
www.kracomp.com
www.smbminute.com (podcast)
tkrabec.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com