SCN #6: Championing Security Awareness Month

Security Awareness Month is a prime opportunity to strengthen your organization’s security culture through innovative and engaging activities. In this edition, we’re focusing on how you can leverage your Security Champions to make the most of this month - by leading activities, sharing resources, and driving security awareness across your teams!

🥳 Cultivating a Security-First Culture

Security Champions are essential for embedding security into your organization’s culture. Infosecurity Magazine highlights how champion programs not only build awareness but also bridge gaps between teams, fostering a security-first mindset. Leverage Security Awareness Month to amplify your champions’ voices by involving them in webinars, trainings, and interactive events that can inspire others to follow their lead.

😂 Security Champion Meme of the Week

📺️ Video Feature: Engaging Champions During Security Awareness Month

In this video, Stanley Harris and Marisa Fagan share actionable tips for maximizing Security Awareness Month. They emphasize using creative activities like Capture the Flag challenges and "Create Your Own Phish" events to engage champions and employees in interactive ways. From gamified workshops to internal conferences, the focus is on bringing teams together to learn and have fun. The goal? Make security awareness engaging and impactful by fostering collaboration across all departments.

🤝 Essential Techniques for Effective Security Training

Building an impactful Security Awareness Month starts with using the right techniques to engage and educate your teams. Phil Venables outlines 10 essential strategies for enhancing security training and awareness, including storytelling, gamification, and scenario-based exercises. Incorporate these methods into your Security Awareness Month initiatives to make learning interactive and memorable, empowering champions to lead the way in security education across your organization.

🕹️ Game Time! A Free Phishing Simulation Game for Your Champions

The SoSafe Phishing Game is an interactive and engaging tool designed to test and improve phishing awareness among employees. It challenges players to identify phishing attempts in a simulated environment, helping them recognize common tactics used by attackers. This game is perfect for Security Awareness Month, providing a hands-on way to educate and engage teams in a fun, competitive manner.

📆 Upcoming Events & Podcasts

• Turning Security from a Disabler to an Enabler for Developers
  Dustin Lehr joins Contrast Security to discuss how to improve the developer<>security relationship
  October 17 @ 1pmET

• Boring AppSec Podcast

  Dustin Lehr joins the Boring AppSec Podcast to discuss all things security culture

  October 21

• LeanAppSec Live (Virtual Conference)

  Dustin Lehr joins Endor Labs to talk about getting back to basics in AppSec

  October 23 from 12-4pET

• Simply CyberCon & BSides Charleston

  Stanley Harris will be attending both Simply CyberCon and BSides in Charleston, SC. Be sure to reach out if you’ll be in attendance!

  November 1 & 2

• The Elephant in AppSec Conference (Virtual)

  Dustin Lehr will be hosting his session, “Building a Proactive Developer Security Culture - Can We Actually Make it Work?”

  November 7 @ 12:00pPT

We hope you’ll find some benefit and utility in the resources we’ve provided in this edition of the Security Champion Newsletter. With 15 days left in October, there is still time to implement some fun and creative events to get your employees thinking about security in their day-to-day work. We wish you the best in your Security Awareness Month activities. See you soon!