Welcome to NBlog, the NoticeBored blog

I may meander but I'm exploring, not lost

Mar 13, 2017

NBlog March 13

We've enjoyed a weekend off, worn out by the effort of coming up with a bunch of ideas for the next set of security awareness posters last Friday. 

Trust me, it's not easy to design six new posters every month. How would you picture "security innovation"? Seriously, think about that for a moment.*

If you suggested a Google image search, go straight to the back of the class. Copying someone else's design without their permission would be intellectual property theft, and even plagiarising one or using something 'for inspiration' is not exactly ethical. 

Besides which, it's not very innovative or creative, is it? Repackaging someone else's content is like shoving old shoes in a new box. They are still old shoes.

This issue crops up repeatedly in relation to awareness and training materials in general. Google can help us find plenty of content, no problem, but despite being 'free' it carries a cost:
  • Unless it has been explicitly released by its owner into the public domain or is past its copyright protection period, it is probably subject to legal restrictions on copying and use, other than "fair use" as defined in law;
  • Even if it is not covered by copyright, there are ethical considerations ... and after all ethics and compliance are two of the very topics that information security awareness is meant to promote, not denigrate;
  • Much of it is old/out of date, meaning 'more than a few months old' in this field;
  • It was generally written for specific purposes that may not match ours (e.g. for advertising);
  • It was written by a bunch of different people, with different interests, writing styles, knowledge and experience;
  • Much of it is minimally researched and, frankly, badly written. 
Those final two points are of concern in any field as complex and technical as ours. Papers written by students towards their class work or exams, for instance, can be fantastic but those are quite exceptional, not the rule. Most are terribly naive and idealistic, often stilted and written in broken English, regurgitating class notes. The best do at least properly cite useful references, while the worst are plagiarised, biased and/or plain junk.

Regards,
Gary (Gary@isect.com)

* If you have six good ideas, plus a couple of extras in case those six don't work out graphically in practice, maybe you should put them into practice ... or share them with us and together we can make them happen. Better still, talk to me about next month's awareness topic: what graphic images spring to mind in relation to 'email and messaging security'? How would you express all that goes with it, preferably in a simple, striking style that says something meaningful, motivational and inspirational? Oh and by the way, your designs need to be feasible for our hard-working graphics team to assemble, quickly.