Anyone can 'do' security awareness. It's easy, right? Tell staff to choose strong passwords, avoid dodgy websites, and comply with policies and procedures, and the job's a good 'un. Bish bash bosh, is it time to go home already?
OK, smarty-pants: try writing something meaningful and worthwhile about information security for a non-technical audience, people who 'have things to do' or 'have a life', don't particularly care about information security, have limited attention spans and negligible vocabularies.
For a genuine challenge, limit yourself to the "ten hundred" most common English words.
If you can say what has to be said without it coming across as a condescending finger-wagging lecture to a six-year-old, congratulations, that's one hurdle cleared.
For bonus marks, make it engaging, action-oriented or motivational in style, sufficient to persuade your audience not just to nod sagely as if they actually give a toss, but to ACT more securely - to BE more secure. Overcoming the cynicism, lethargy and couldn't-care-less-ness of the average person takes a bit more effort, all the more so if you expect them to behave differently months down the line when the memories of your pep-talk have long since faded into the haze of a zillion other well-meaning advisories and warnings.
PS My own attempt at the challenge failed on the very first word. "Information" is evidently more obscure than I thought!