Digital Self Defense at RIT

Ben Woelk, CISSP, CPTC
Ben Woelk, CISSP, CPTCSecurity awareness expert | Content strategist | Professor | Introverted leadership mentor, coach | Speaker | Writer
Rochester Security Summit Ben Woelk, CISSP ISO Program Manager Rochester Institute of Technology
Copyright © 2014 Rochester Institute of Technology Presentation Overview • Background • Communications Plan Basics • RIT Implementation • Success? • Discussion
Copyright © 2014 Rochester Institute of Technology BACKGROUND
Copyright © 2014 Rochester Institute of Technology My Background • Corporate • Higher Education – ISO Office – Adjunct • Techcomm • Computing Security
Copyright © 2014 Rochester Institute of Technology Rochester Institute of Technology • RIT Environment – 18,500 students – 3,500 faculty and staff – International Locations – ~40,000+ systems on the network at any given time – Very skilled IT security students
Copyright © 2014 Rochester Institute of Technology RIT Information Security • RIT ISO – 3 full time • Information Security Officer • Program Manager • Sr. Forensics Investigator – 1-4 student employees • Mix of coop and part- time • Risk Management, not Information Technology
Copyright © 2014 Rochester Institute of Technology COMMUNICATIONS PLAN BASICS
Copyright © 2014 Rochester Institute of Technology Communications Plan • Benefits – Systematic approach – Repeatable – Set and achieve goals – Be proactive – Be strategy driven, not event driven – Strategic plan drives marketing/communications plan
Copyright © 2014 Rochester Institute of Technology TechComm 101 • “We explain things” (R. J. Lippincott, Intercom) • Characteristics – Interactive and adaptable – Reader centered • Personas – Contextualized – Concise – Visual – Cross cultural
Copyright © 2014 Rochester Institute of Technology RIT IMPLEMENTATION
Copyright © 2014 Rochester Institute of Technology Digital Self Defense Goals • Inform the entire population about threats. • Educate new members of the RIT community on Information Security topics. • Maintain current information outputs and engagement on Information Security topics. • Create new avenues for communication to expand awareness of Information Security office. • Inform community of new Infosec initiatives
Copyright © 2014 Rochester Institute of Technology Challenges • Multiple audiences • Messaging overload • 30% annual turnover • What, me worry? • Dry/technical subject
Copyright © 2014 Rochester Institute of Technology Security Awareness Plan • Components – Audience analysis – Key messages – Communications channels – Calendar of promotions – Develop relationships
Copyright © 2014 Rochester Institute of Technology Target Audiences
Copyright © 2014 Rochester Institute of Technology Strategies • Consistent outreach • Creative/fun deliverables • New communication channels • “What’s in it for me?” fulfillment – Emphasizing home use – Easy-to-implement best practices – Consequences of non-compliance – Interactive elements
Copyright © 2014 Rochester Institute of Technology Key Message • Short and Simple
Copyright © 2014 Rochester Institute of Technology Calendar of Promotions
Copyright © 2014 Rochester Institute of Technology Monthly Topics Month Topic June, July, August Pre-Semester, Start of Semester September New Students, New Semester, New Threats October Cyber Security Awareness Month November No Click November December Scams and Hoaxes January Data Privacy Month February Ph(F)ebruary Phish March Mobile Device Madness April Spring Cleaning May Graduating to Good Passwords
Copyright © 2014 Rochester Institute of Technology Pre-Semester/Start of Semester
Copyright © 2014 Rochester Institute of Technology Communications Channels • What’s the best vehicle?
Copyright © 2014 Rochester Institute of Technology Develop Relationships
Copyright © 2014 Rochester Institute of Technology RIT Infosec Website
Copyright © 2014 Rochester Institute of Technology RIT Social Media
Copyright © 2014 Rochester Institute of Technology Posters
Copyright © 2014 Rochester Institute of Technology Go Phish https://www.pinterest.com/ritinfosec/playing-cards-by-rit-information-security/
Copyright © 2014 Rochester Institute of Technology Alerts and Advisories • Message Center Portal/email • Ad hoc • ~20 per academic year
Copyright © 2014 Rochester Institute of Technology Move-in
Copyright © 2014 Rochester Institute of Technology New Student Orientation
Copyright © 2014 Rochester Institute of Technology Lightning Talks • Six minute presentations • Slides move every 18 seconds • Topics – Online reputation management – Illegal file sharing – Safe use of social media – Securing mobile devices
Copyright © 2014 Rochester Institute of Technology DSD Lightning Talk • https://www.youtube.com/watch?v=-Yo8TV-ZLbE
Copyright © 2014 Rochester Institute of Technology In Development • Cyber Hero employee recognition program • Phishing exercises
Copyright © 2014 Rochester Institute of Technology SUCCESS?
Copyright © 2014 Rochester Institute of Technology Evaluation Tools • Internal survey tool (in development) – Fall baseline – Spring progress
Copyright © 2014 Rochester Institute of Technology Social Media Evaluation
Copyright © 2014 Rochester Institute of Technology External Evaluations • Use with care • Kred (2013) – Influence (trust) – Outreach (propensity to share) • Klout (2009) – Perceived social influence
Copyright © 2014 Rochester Institute of Technology Evaluate and Make Mid-Course Corrections • You will make mistakes • Don’t be afraid to make a change • Did it make a difference? • Ways to evaluate – Surveys – Analytics From austinevan
Copyright © 2014 Rochester Institute of Technology Key Success Factors • What’s in it for them? • Relevant at home as well as at work • Reach them where they are
Copyright © 2014 Rochester Institute of Technology Resources • EDUCAUSE – Cybersecurity Awareness Resource Library – Security Awareness Quick Start and Advanced Guides • W. K. Kellogg Foundation Template for Strategic Communications Plan • Richard Johnson-Sheehan Technical Communication Today • Society for Technical Communication
Copyright © 2014 Rochester Institute of Technology Contact Me Ben Woelk Ben.woelk@gmail.com; ben.woelk@rit.edu Benwoelk.com @benwoelk www.linkedin.com/in/benwoelk/
Copyright © 2014 Rochester Institute of Technology DISCUSSION
1 of 40

Digital Self Defense at RIT

Business

Exploration of the Digital Self Defense Security Awareness program at the Rochester Institute of Technology. Delivered at the Rochester Security Summit, October 2015.

Ben Woelk, CISSP, CPTC
Ben Woelk, CISSP, CPTCSecurity awareness expert | Content strategist | Professor | Introverted leadership mentor, coach | Speaker | Writer

Recommended

Digital self defense iia isaca it audit seminar by
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarBen Woelk, CISSP, CPTC
1.1K views43 slides
Digital Self Defense by
Digital Self DefenseDigital Self Defense
Digital Self DefenseBen Woelk, CISSP, CPTC
697 views39 slides
Posterous versus homework noel jenkins by
Posterous versus homework noel jenkinsPosterous versus homework noel jenkins
Posterous versus homework noel jenkinsNoel Jenkins
933 views9 slides
Resume by
ResumeResume
ResumeSteven Shi
194 views1 slide
Jisc e-safety by
Jisc e-safety Jisc e-safety
Jisc e-safety Jisc RSC East Midlands
359 views10 slides
Staying Safe Online for HR Professionals by
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsBen Woelk, CISSP, CPTC
523 views27 slides

More Related Content

Similar to Digital Self Defense at RIT

Online education in the field of Responsible Education by
Online education in the field of Responsible EducationOnline education in the field of Responsible Education
Online education in the field of Responsible EducationTU Delft, Faculty of Technology, Policy and Management
364 views28 slides
Management of Distance Learning Systems in China - Selecting technologies by
Management of Distance Learning Systems in China - Selecting technologiesManagement of Distance Learning Systems in China - Selecting technologies
Management of Distance Learning Systems in China - Selecting technologiesGiovanni Marconato
127 views62 slides
Conole plenary LINQ Conference Brussels 12 May 2015 by
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Grainne Conole
2.7K views49 slides
Make the Technology-to-Theory Connection in Your Career Sessions by
Make the Technology-to-Theory Connection in Your Career SessionsMake the Technology-to-Theory Connection in Your Career Sessions
Make the Technology-to-Theory Connection in Your Career SessionsMelissa A. Venable
376 views40 slides
#AcAdvOnline Webinar by
#AcAdvOnline Webinar#AcAdvOnline Webinar
#AcAdvOnline WebinarLaura Pasquini
707 views117 slides
Impact of IT on library Services with Best Practices by Muhammad Farooq by
Impact of IT on library Services with Best Practices by Muhammad FarooqImpact of IT on library Services with Best Practices by Muhammad Farooq
Impact of IT on library Services with Best Practices by Muhammad FarooqAta Rehman
232 views68 slides

Similar to Digital Self Defense at RIT(20)

Online education in the field of Responsible Education by TU Delft, Faculty of Technology, Policy and Management
Online education in the field of Responsible EducationOnline education in the field of Responsible Education
Online education in the field of Responsible Education
TU Delft, Faculty of Technology, Policy and Management364 views
Management of Distance Learning Systems in China - Selecting technologies by Giovanni Marconato
Management of Distance Learning Systems in China - Selecting technologiesManagement of Distance Learning Systems in China - Selecting technologies
Management of Distance Learning Systems in China - Selecting technologies
Giovanni Marconato127 views
Conole plenary LINQ Conference Brussels 12 May 2015 by Grainne Conole
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015
Grainne Conole2.7K views
Make the Technology-to-Theory Connection in Your Career Sessions by Melissa A. Venable
Make the Technology-to-Theory Connection in Your Career SessionsMake the Technology-to-Theory Connection in Your Career Sessions
Make the Technology-to-Theory Connection in Your Career Sessions
Melissa A. Venable376 views
#AcAdvOnline Webinar by Laura Pasquini
#AcAdvOnline Webinar#AcAdvOnline Webinar
#AcAdvOnline Webinar
Laura Pasquini707 views
Impact of IT on library Services with Best Practices by Muhammad Farooq by Ata Rehman
Impact of IT on library Services with Best Practices by Muhammad FarooqImpact of IT on library Services with Best Practices by Muhammad Farooq
Impact of IT on library Services with Best Practices by Muhammad Farooq
Ata Rehman232 views
Conole_teaching 5_aug by Grainne Conole
Conole_teaching 5_augConole_teaching 5_aug
Conole_teaching 5_aug
Grainne Conole866 views
Klaus Dieter Rossade online assessment by EADTU
Klaus Dieter Rossade online assessmentKlaus Dieter Rossade online assessment
Klaus Dieter Rossade online assessment
EADTU105 views
Introducing Myshowcase.me by myknowledgemap
Introducing Myshowcase.meIntroducing Myshowcase.me
Introducing Myshowcase.me
myknowledgemap1.9K views
Tools And Resources For Continuous Improvement Of Technology In Schools by fridayinstitute
Tools And Resources For Continuous Improvement Of Technology In SchoolsTools And Resources For Continuous Improvement Of Technology In Schools
Tools And Resources For Continuous Improvement Of Technology In Schools
fridayinstitute1.3K views
Assignment planner and reference tracking by dbslibrary
Assignment planner and reference trackingAssignment planner and reference tracking
Assignment planner and reference tracking
dbslibrary304 views
BAIT1103 Course Overview by limsh
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
limsh333 views
SGCI - Science Gateways - Technology-Enhanced Research Under Consideration of... by Sandra Gesing
SGCI - Science Gateways - Technology-Enhanced Research Under Consideration of...SGCI - Science Gateways - Technology-Enhanced Research Under Consideration of...
SGCI - Science Gateways - Technology-Enhanced Research Under Consideration of...
Sandra Gesing451 views
DRSOKCVL by ISTAR
DRSOKCVLDRSOKCVL
DRSOKCVL
ISTAR23 views
Professor & Head(IT) by ISTAR
Professor & Head(IT)Professor & Head(IT)
Professor & Head(IT)
ISTAR35 views
DRSOKCVL by ISTAR
DRSOKCVLDRSOKCVL
DRSOKCVL
ISTAR17 views
Uniti 121009204744-phpapp01 by Tanzeem Ahmad
Uniti 121009204744-phpapp01Uniti 121009204744-phpapp01
Uniti 121009204744-phpapp01
Tanzeem Ahmad151 views
Conole HEA seminar by Grainne Conole
Conole HEA seminarConole HEA seminar
Conole HEA seminar
Grainne Conole4.5K views
AmI 2015 - Course Introduction by Fulvio Corno
AmI 2015 - Course IntroductionAmI 2015 - Course Introduction
AmI 2015 - Course Introduction
Fulvio Corno641 views
FDP MP IITJ TISC.pdf by gurukhade1
FDP MP IITJ TISC.pdfFDP MP IITJ TISC.pdf
FDP MP IITJ TISC.pdf
gurukhade11 view

More from Ben Woelk, CISSP, CPTC

Creating a Sense of Belonging--Engaging the Virtual Workforce by
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceBen Woelk, CISSP, CPTC
6 views40 slides
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx by
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxBen Woelk, CISSP, CPTC
108 views39 slides
Saying "Yes, and...?" to Leadership Opportunities by
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesBen Woelk, CISSP, CPTC
158 views29 slides
Perspectives on Mentoring: Selected Stories by
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesBen Woelk, CISSP, CPTC
141 views14 slides
We're All Winners--Gamification and Security Awareness by
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessBen Woelk, CISSP, CPTC
295 views35 slides
The Introvert in the Workplace--Strategies for Success by
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessBen Woelk, CISSP, CPTC
343 views39 slides

More from Ben Woelk, CISSP, CPTC(20)

Creating a Sense of Belonging--Engaging the Virtual Workforce by Ben Woelk, CISSP, CPTC
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
Ben Woelk, CISSP, CPTC6 views
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx by Ben Woelk, CISSP, CPTC
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Ben Woelk, CISSP, CPTC108 views
Saying "Yes, and...?" to Leadership Opportunities by Ben Woelk, CISSP, CPTC
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
Ben Woelk, CISSP, CPTC158 views
Perspectives on Mentoring: Selected Stories by Ben Woelk, CISSP, CPTC
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
Ben Woelk, CISSP, CPTC141 views
We're All Winners--Gamification and Security Awareness by Ben Woelk, CISSP, CPTC
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security Awareness
Ben Woelk, CISSP, CPTC295 views
The Introvert in the Workplace--Strategies for Success by Ben Woelk, CISSP, CPTC
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
Ben Woelk, CISSP, CPTC343 views
Building a Culture of Digital Self Defense by Ben Woelk, CISSP, CPTC
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
Ben Woelk, CISSP, CPTC261 views
Harnessing Your Innate Strengths--Introverted Leadership by Ben Woelk, CISSP, CPTC
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
Ben Woelk, CISSP, CPTC192 views
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18 by Ben Woelk, CISSP, CPTC
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
Ben Woelk, CISSP, CPTC964 views
Digital self defense 101 me rit by Ben Woelk, CISSP, CPTC
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
Ben Woelk, CISSP, CPTC131 views
Follow the yellow brick road: A Leadership Journey to the Emerald City by Ben Woelk, CISSP, CPTC
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
Ben Woelk, CISSP, CPTC519 views
Collaborating securely: Protecting Your Community and Yourself by Ben Woelk, CISSP, CPTC
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
Ben Woelk, CISSP, CPTC1.4K views
An Introvert's Journey to Leadership by Ben Woelk, CISSP, CPTC
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
Ben Woelk, CISSP, CPTC1.9K views
Cyber Safety for Middle School Students and Parents by Ben Woelk, CISSP, CPTC
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
Ben Woelk, CISSP, CPTC933 views
Succession Planning and Volunteering by Ben Woelk, CISSP, CPTC
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
Ben Woelk, CISSP, CPTC974 views
Shockproofing your Use of Social Media: 2014 by Ben Woelk, CISSP, CPTC
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
Ben Woelk, CISSP, CPTC2.8K views
A Techcomm Bestiary Summit14 by Ben Woelk, CISSP, CPTC
A Techcomm Bestiary Summit14A Techcomm Bestiary Summit14
A Techcomm Bestiary Summit14
Ben Woelk, CISSP, CPTC2.8K views
A Techcomm Bestiary Spectrum14 by Ben Woelk, CISSP, CPTC
A Techcomm Bestiary Spectrum14A Techcomm Bestiary Spectrum14
A Techcomm Bestiary Spectrum14
Ben Woelk, CISSP, CPTC2.2K views
Empowering the Introvert Within stc13 by Ben Woelk, CISSP, CPTC
Empowering the Introvert Within stc13Empowering the Introvert Within stc13
Empowering the Introvert Within stc13
Ben Woelk, CISSP, CPTC1.5K views
Shockproofing Your Use of Social Media (professional development progression) by Ben Woelk, CISSP, CPTC
Shockproofing Your Use of Social Media (professional development progression)Shockproofing Your Use of Social Media (professional development progression)
Shockproofing Your Use of Social Media (professional development progression)
Ben Woelk, CISSP, CPTC568 views

Recently uploaded

Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdf by
Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdfBloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdf
Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdfBloomerang
194 views32 slides
proveitdeck.pptx by
proveitdeck.pptxproveitdeck.pptx
proveitdeck.pptxDerek Britton
25 views12 slides
Giampietro_DIG Summit v1.2.pptx by
Giampietro_DIG Summit v1.2.pptxGiampietro_DIG Summit v1.2.pptx
Giampietro_DIG Summit v1.2.pptxbradgallagher6
15 views11 slides
Why are KPIs(key performance indicators) important? by
Why are KPIs(key performance indicators) important? Why are KPIs(key performance indicators) important?
Why are KPIs(key performance indicators) important? Epixel MLM Software
24 views17 slides
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUE by
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUEVCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUE
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUEVietnam Cotton & Spinning Association
37 views26 slides

Recently uploaded(20)

Root Cause Analysis (RCA) by Operational Excellence Consulting (Singapore)
Root Cause Analysis (RCA)Root Cause Analysis (RCA)
Root Cause Analysis (RCA)
Operational Excellence Consulting (Singapore)78 views
Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdf by Bloomerang
Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdfBloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdf
Bloomerang_Forecasting Your Fundraising Revenue 2024.pptx.pdf
Bloomerang194 views
proveitdeck.pptx by Derek Britton
proveitdeck.pptxproveitdeck.pptx
proveitdeck.pptx
Derek Britton25 views
Giampietro_DIG Summit v1.2.pptx by bradgallagher6
Giampietro_DIG Summit v1.2.pptxGiampietro_DIG Summit v1.2.pptx
Giampietro_DIG Summit v1.2.pptx
bradgallagher615 views
Why are KPIs(key performance indicators) important? by Epixel MLM Software
Why are KPIs(key performance indicators) important? Why are KPIs(key performance indicators) important?
Why are KPIs(key performance indicators) important?
Epixel MLM Software24 views
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUE by Vietnam Cotton & Spinning Association
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUEVCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUE
VCOSA - VIETNAM COTTON - YARN MARKET REPORT - 11/2023 ISSUE
Vietnam Cotton & Spinning Association37 views
DEUTSER-03188 Salt Lake Nov 30 Talk with speaker notes[13].pptx by bradgallagher6
DEUTSER-03188 Salt Lake Nov 30 Talk with speaker notes[13].pptxDEUTSER-03188 Salt Lake Nov 30 Talk with speaker notes[13].pptx
DEUTSER-03188 Salt Lake Nov 30 Talk with speaker notes[13].pptx
bradgallagher630 views
Netflix Inc. by 125071027
Netflix Inc.Netflix Inc.
Netflix Inc.
12507102714 views
On the Concept of Discovery Power of Enterprise Modeling Languages and its Re... by Ilia Bider
On the Concept of Discovery Power of Enterprise Modeling Languages and its Re...On the Concept of Discovery Power of Enterprise Modeling Languages and its Re...
On the Concept of Discovery Power of Enterprise Modeling Languages and its Re...
Ilia Bider16 views
v s.pptx by ravikhadalwal
v s.pptxv s.pptx
v s.pptx
ravikhadalwal14 views
Accounts Class 12 project cash flow statement and ratio analysis by JinendraPamecha
Accounts Class 12 project cash flow statement and ratio analysisAccounts Class 12 project cash flow statement and ratio analysis
Accounts Class 12 project cash flow statement and ratio analysis
JinendraPamecha76 views
Navigating EUDR Compliance within the Coffee Industry by Peter Horsten
Navigating EUDR Compliance within the Coffee IndustryNavigating EUDR Compliance within the Coffee Industry
Navigating EUDR Compliance within the Coffee Industry
Peter Horsten68 views
sample.potx by Maryna Yurchenko
sample.potxsample.potx
sample.potx
Maryna Yurchenko24 views
Sandur Antaranga V3.pdf by Savipriya Raghavendra
Sandur Antaranga V3.pdfSandur Antaranga V3.pdf
Sandur Antaranga V3.pdf
Savipriya Raghavendra14 views
Basic of Air Ticketing & IATA Geography by Md Shaifullar Rabbi
Basic of Air Ticketing & IATA GeographyBasic of Air Ticketing & IATA Geography
Basic of Air Ticketing & IATA Geography
Md Shaifullar Rabbi 73 views
auto dialer aegis.pdf by VoiceLogger1
auto dialer aegis.pdfauto dialer aegis.pdf
auto dialer aegis.pdf
VoiceLogger116 views
yasin-ppt.pptx by samanolia75
yasin-ppt.pptxyasin-ppt.pptx
yasin-ppt.pptx
samanolia7521 views
Assignment 4: Reporting to Management.pptx by BethanyAline
Assignment 4: Reporting to Management.pptxAssignment 4: Reporting to Management.pptx
Assignment 4: Reporting to Management.pptx
BethanyAline26 views
Engaging Senior Leaders to Accelerate Your Continuous Improvement Program by KaiNexus
Engaging Senior Leaders to Accelerate Your Continuous Improvement ProgramEngaging Senior Leaders to Accelerate Your Continuous Improvement Program
Engaging Senior Leaders to Accelerate Your Continuous Improvement Program
KaiNexus93 views
Amazing Opportunities: PCD Pharma Franchise in Kerala.pptx by SaphnixMedicure1
Amazing Opportunities: PCD Pharma Franchise in Kerala.pptxAmazing Opportunities: PCD Pharma Franchise in Kerala.pptx
Amazing Opportunities: PCD Pharma Franchise in Kerala.pptx
SaphnixMedicure125 views

Digital Self Defense at RIT

  • 1. Rochester Security Summit Ben Woelk, CISSP ISO Program Manager Rochester Institute of Technology
  • 2. Copyright © 2014 Rochester Institute of Technology Presentation Overview • Background • Communications Plan Basics • RIT Implementation • Success? • Discussion
  • 3. Copyright © 2014 Rochester Institute of Technology BACKGROUND
  • 4. Copyright © 2014 Rochester Institute of Technology My Background • Corporate • Higher Education – ISO Office – Adjunct • Techcomm • Computing Security
  • 5. Copyright © 2014 Rochester Institute of Technology Rochester Institute of Technology • RIT Environment – 18,500 students – 3,500 faculty and staff – International Locations – ~40,000+ systems on the network at any given time – Very skilled IT security students
  • 6. Copyright © 2014 Rochester Institute of Technology RIT Information Security • RIT ISO – 3 full time • Information Security Officer • Program Manager • Sr. Forensics Investigator – 1-4 student employees • Mix of coop and part- time • Risk Management, not Information Technology
  • 7. Copyright © 2014 Rochester Institute of Technology COMMUNICATIONS PLAN BASICS
  • 8. Copyright © 2014 Rochester Institute of Technology Communications Plan • Benefits – Systematic approach – Repeatable – Set and achieve goals – Be proactive – Be strategy driven, not event driven – Strategic plan drives marketing/communications plan
  • 9. Copyright © 2014 Rochester Institute of Technology TechComm 101 • “We explain things” (R. J. Lippincott, Intercom) • Characteristics – Interactive and adaptable – Reader centered • Personas – Contextualized – Concise – Visual – Cross cultural
  • 10. Copyright © 2014 Rochester Institute of Technology RIT IMPLEMENTATION
  • 11. Copyright © 2014 Rochester Institute of Technology Digital Self Defense Goals • Inform the entire population about threats. • Educate new members of the RIT community on Information Security topics. • Maintain current information outputs and engagement on Information Security topics. • Create new avenues for communication to expand awareness of Information Security office. • Inform community of new Infosec initiatives
  • 12. Copyright © 2014 Rochester Institute of Technology Challenges • Multiple audiences • Messaging overload • 30% annual turnover • What, me worry? • Dry/technical subject
  • 13. Copyright © 2014 Rochester Institute of Technology Security Awareness Plan • Components – Audience analysis – Key messages – Communications channels – Calendar of promotions – Develop relationships
  • 14. Copyright © 2014 Rochester Institute of Technology Target Audiences
  • 15. Copyright © 2014 Rochester Institute of Technology Strategies • Consistent outreach • Creative/fun deliverables • New communication channels • “What’s in it for me?” fulfillment – Emphasizing home use – Easy-to-implement best practices – Consequences of non-compliance – Interactive elements
  • 16. Copyright © 2014 Rochester Institute of Technology Key Message • Short and Simple
  • 17. Copyright © 2014 Rochester Institute of Technology Calendar of Promotions
  • 18. Copyright © 2014 Rochester Institute of Technology Monthly Topics Month Topic June, July, August Pre-Semester, Start of Semester September New Students, New Semester, New Threats October Cyber Security Awareness Month November No Click November December Scams and Hoaxes January Data Privacy Month February Ph(F)ebruary Phish March Mobile Device Madness April Spring Cleaning May Graduating to Good Passwords
  • 19. Copyright © 2014 Rochester Institute of Technology Pre-Semester/Start of Semester
  • 20. Copyright © 2014 Rochester Institute of Technology Communications Channels • What’s the best vehicle?
  • 21. Copyright © 2014 Rochester Institute of Technology Develop Relationships
  • 22. Copyright © 2014 Rochester Institute of Technology RIT Infosec Website
  • 23. Copyright © 2014 Rochester Institute of Technology RIT Social Media
  • 24. Copyright © 2014 Rochester Institute of Technology Posters
  • 25. Copyright © 2014 Rochester Institute of Technology Go Phish https://www.pinterest.com/ritinfosec/playing-cards-by-rit-information-security/
  • 26. Copyright © 2014 Rochester Institute of Technology Alerts and Advisories • Message Center Portal/email • Ad hoc • ~20 per academic year
  • 27. Copyright © 2014 Rochester Institute of Technology Move-in
  • 28. Copyright © 2014 Rochester Institute of Technology New Student Orientation
  • 29. Copyright © 2014 Rochester Institute of Technology Lightning Talks • Six minute presentations • Slides move every 18 seconds • Topics – Online reputation management – Illegal file sharing – Safe use of social media – Securing mobile devices
  • 30. Copyright © 2014 Rochester Institute of Technology DSD Lightning Talk • https://www.youtube.com/watch?v=-Yo8TV-ZLbE
  • 31. Copyright © 2014 Rochester Institute of Technology In Development • Cyber Hero employee recognition program • Phishing exercises
  • 32. Copyright © 2014 Rochester Institute of Technology SUCCESS?
  • 33. Copyright © 2014 Rochester Institute of Technology Evaluation Tools • Internal survey tool (in development) – Fall baseline – Spring progress
  • 34. Copyright © 2014 Rochester Institute of Technology Social Media Evaluation
  • 35. Copyright © 2014 Rochester Institute of Technology External Evaluations • Use with care • Kred (2013) – Influence (trust) – Outreach (propensity to share) • Klout (2009) – Perceived social influence
  • 36. Copyright © 2014 Rochester Institute of Technology Evaluate and Make Mid-Course Corrections • You will make mistakes • Don’t be afraid to make a change • Did it make a difference? • Ways to evaluate – Surveys – Analytics From austinevan
  • 37. Copyright © 2014 Rochester Institute of Technology Key Success Factors • What’s in it for them? • Relevant at home as well as at work • Reach them where they are
  • 38. Copyright © 2014 Rochester Institute of Technology Resources • EDUCAUSE – Cybersecurity Awareness Resource Library – Security Awareness Quick Start and Advanced Guides • W. K. Kellogg Foundation Template for Strategic Communications Plan • Richard Johnson-Sheehan Technical Communication Today • Society for Technical Communication
  • 39. Copyright © 2014 Rochester Institute of Technology Contact Me Ben Woelk Ben.woelk@gmail.com; ben.woelk@rit.edu Benwoelk.com @benwoelk www.linkedin.com/in/benwoelk/
  • 40. Copyright © 2014 Rochester Institute of Technology DISCUSSION