Here we are, half way through the month so it's time to take stock of the awareness materials in the bag already, on the go right now or not yet started. This acts as a crude progress metric: will we finish the module before our self-imposed end-of-month deadline? [We always do but some months are more stressful than others!]
I'm ticking off items on the contents list as they come into being, in pencil first as they are drafted then inked-in as they are completed. When the whole module is done, this listing will become a checklist for customers to zip through the materials and decide which ones to use.
Today we started work on the management and staff awareness seminar slide decks. A few slides can be re-purposed from the professionals' seminar, and maybe a few more from previous malware modules, but there's an art to designing a seminar to suit the audience. Finding angles, perspectives or aspects that will catch their imaginations is key. We try to incorporate fresh content reflecting current or recent incidents, too, making the point that this is very much a live topic, a genuine present-day issue that deserves to be taken seriously.
Having said that, serious needn't mean dull as dishwater! Ransomware stirs thoughts of ransom notes. In that vein, we'll splash "Your money or your data" or "Your money or your business" on the title slides of the seminars, using fonts that resemble letters rough-cut from the press.
For added impact, I'm very tempted to cut and paste the letters from actual papers and magazines to make more realistic ransom notes - maybe later if there's time.