Pointers to Community Security Education Contacts


(maintained by Rob Slade)
In Vancouver, there is a long standing group interested in information systems security. Although the connections to CIPS are rather tenuous, it is known as the CIPS Security SIG. At the annual general meeting in the fall of 2000, Allan Alton (aalton at telus dot net) started the community security education idea rolling by producing an Internet security seminar curriculum that he freely offered to anyone who wanted to put it on for a local school, library, community group or whatever. The larger idea was to have other people develop other curricula, and eventually have a set comprising the whole range of security topics, although primarily concentrating on home and small business users who would not normally have access to security consulting.

Some of us have been trying to help develop the idea, although I have to admit that we have not been as useful to Allan (or the concept) as we might have been. However, I have started a mailing list at Yahoo Groups (comseced) in order to try and share material with other interested parties or projects. If you wish to participate, you can join by sending email to comseced-subscribe@yahoogroups.com.

That is the macro level part of the idea. I will be attempting to collect information and contacts to make them available here, so that people can share curricula, ideas, and resources. A similar contact list is available at the Community Education in Information Security page. Specific curricula and materials are available at the R.U.N.S.A.F.E. project. Workshops, particularly for children, are being developed by the Society for the Policing of Cyberspace (POLCYB).

On the micro level, a local group would be building a "speaker's bureau." The basic premise is to ensure a minimal level of competence in security issues. We also need to select people who can, in fact, get up in front of a crowd. In terms of the media, there are other considerations. For TV you need someone photogenic. For radio, they want someone instantly articulate: you have to think *really* fast, and get everything into a seven minute slot. (Harder than you'd think.) For newspapers, we need to get someone who has tenacity to follow up and make sure they get to vet the final article: print media people can get more wrong, faster, than anyone I know.

The media does not have time to referee our infighting. Therefore, the best solution is to have all the security groups; ISSA, ISACA, Policyb, ACM, IEEE, CIPS, and local security SIGs, etc.; agree to forward media to one point of contact, and then farm out the calls from there. It would also help to develop a common speaker's bureau for the community education project. This not only helps get the education and awareness projects off the ground, but it gives a basis for assessing speakers for those involved in producing various conferences.

Resources

Quick tips for home users

Security book reviews main topic menu

Virus information main menu