So I saw the recent post on ISC about the upcoming Cyber Security Awareness Month in October. It’s already prompted some discussion at work that looks like it’ll have a productive end, and I’ve also got a SANS class starting around that time.
I’d like to incorporate it into my class, but I’m looking for ideas on how to do it. (I also plan on posting everything here, so you don’t have to be in the SANS class to get it, but I won’t stop you from registering.) So far, I’ve come up with the items below.
- Teaching Others to Stay Safe Online – Kind of a how-to; it’s always better to understand something if you have to teach it, and since they’re going to be learning the GSEC material, I could bundle it together. Plus, who doesn’t want their friends/family to be safe online? Sure saves you time in IT support calls.
- Avoiding Social Engineering – To an extent, it’s not possible, but most of us won’t even realize that we’re being engineered to do something we normally wouldn’t want to do. This would educate on different methods and how to detect, avoid, and use for good, not evil. Ok, maybe some evil.
- Mac Security – So I talk about it here quite a bit, but for those of us in the InfoSec industry it’s not something we talk about often or even at all, aside from getting into turf wars about which platform is better. Macs are just as vulnerable as PCs. Surprise.
Additional ideas? I’m not keen on doing stuff that’s already been done, but would like to help educate on something that isn’t often thought of. Post in the comments!
Cell phone security — With regards to apps, security controls on the device itself, jailbreaking, etc. It could fall into the staying safe online portion you mention above.