It's been a week since I wrote my last blog. I needed a bit of a break after 31 consecutive days of blogging. In this blog I'll look back on my "adventure".
How it started
I was talking with several people on twitter about security awareness and the fact that we barely reach people outside the information security community with our message. I assumed it had to do with the fact that there's not enough security (awareness) related content tailored to non tech people. And maybe even more importantly, even if that particular content exists it probably doesn't reach the audience who needs it most.
I did some polls to see what other people thought about it.
Do you think there is enough #security (awareness) related content tailored to non infosec/tech users? If yes, please reply with links to good content. If no, please reply with suggestions. Would appreciate this one also reaches non #infosec people. So please retweet! π
— John Opdenakker (@j_opdenakker) September 6, 2019
Most voters agreed there is not enough good content and in the replies some people also pointed out that even when the information is available it doesn't reach the target audience.
Only 6% of my Twitter followers that voted on the next poll are non tech users. So it's clear that via Twitter only I am not going to reach the people who need it most.
Iβm always making assumptions about the domain people that follow me and reply to my polls are in. So hereβs another poll π.
— John Opdenakker (@j_opdenakker) October 2, 2019
which domain?
And probably this holds true for other security professionals as well. The problem is that Twitter is the only social media platform on which I have some reach.
But first things first, that's why I started with creating some content for non tech users. I created this collection of existing resources for the average user.
The journey
I wanted to go a step further. And then I got an idea. I get ideas all the time, but this one was pretty crazy.
I have an ambitious idea. October is #cybersecurity awareness month, i'll try to publish a daily blog with actionable tips for people to improve their online #security. I already have 15 topics in mind atm, but ideas are welcome. Let me know what you would find useful.
— John Opdenakker (@j_opdenakker) September 25, 2019
I got a lot of good suggestion in reply to this tweet and I started planning about which topics I would write and what was the logical order to publish them.
When I got the idea the last week of September I had the same day like 15 or 20 ideas. I also asked on Twitter what people thought was interesting. And along the series I often changed the plans to write the articles that fitted best first, to have a logical flow in the series
— John Opdenakker (@j_opdenakker) November 1, 2019
I thought it was important that the series of blog posts became a coherent whole. I was particularly happy that it was also perceived as such.
Can I just commend @j_opdenakker for the outstanding commitment to 31 days of blog posts for awareness month... each one was a gem in its own right, but collectively they are amazing
— STUΝ£Ν¬ΝΝ¬ Ν£ Ν¬ Ν (@cybersecstu) October 31, 2019
I knew that with only 1 week of preparation it was going to be challenging. I wanted to take a bit of a headstart, but I only succeeded in completing 2 blogs before October started.
Remarkably enough, the first 9 blogs went pretty smoothly. But then the blog about how a VPN increases privacy and security took me a lot more time, whilst it actually should have been one of the easiest to write.
Struggling to get this blog written, while it shouldn't be a difficult one to write. I guess sometimes it just flows, and other times it doesn't pic.twitter.com/pKsJnrS5zg
— John Opdenakker (@j_opdenakker) October 10, 2019
I struggled more and more along the route, mainly because of fatigue.
Aaaaah, tonight another blog. What else would I do on a Friday evening?π
— John Opdenakker (@j_opdenakker) October 25, 2019
Will be good when it's over. I will not challenge myself like this anytime soon again.
Still security awareness topics you want me to cover?#CyberSecurityAwarenessMonth#31DaysOfSecurity
Like I said I won't do this anytime soon again. For an entire month I didn't do anything else than doing my dayjob and writing a blog at night, so I haven't been the most pleasant company for my family. On the other hand it was only one month and based on the awesome feedback I got I think it was totally worth it.
Really impressed with the awareness articles that @j_opdenakker is pushing out. Please share them, but wider than just InfoSec people. This is business awareness. Use Johnβs articles to build conversations with business leaders.
— Ed Tucker (@Teddybreath) October 8, 2019
Top work John πππ
Thanks so much for this continuous blog. I'm really enjoying this...oh and hope you're feeling better!
— Heather M. Hankins (@heathermhankins) October 23, 2019
Congratulations for completing the marathon articles writing...!! It is an achievement Indeed and Inspiring too... ππ https://t.co/KMnDYeY4zk
— Dr.Ajit kumar (@urwithajit9) October 31, 2019
One of those threads to save and come back to in 3 months time. And still learn a thing or two.
— OSINT Researcher (@MyOSINTAccount) November 1, 2019
Thank you!#osint#opsec#Security https://t.co/GMldHU7D8s
I received much more reactions from people that appreciated my blogs, unfortunately I can't put them all here, but know that I really appreciated every single one of them. It really kept me going!
Reaching the target audience
I explicitely asked people to share my blogs with their non tech family and friends in the hope to reach the target audience. I was glad to see that people did and the blogs were massively shared on Twitter.
Personal favourite blog of @j_opdenakker #CyberSecurityAwarenessMonth series!
— Abigail McAlpine π Secureworld Seattle (@abigailmcalpine) October 24, 2019
Very valuable content to share with friends and family who may not be super savvy in #infosec https://t.co/3NuwaVylbX pic.twitter.com/kJlbZl2bfO
But also on other social media. Ayelet for instance, who has been wonderful and shared and endorsed a lot of my posts.
Hey John - love the initiative and looking forward to following the posts throughout the month!
— Ayelet HaShachar Penrod (@AyeletPenrod) October 2, 2019
Or people sharing it within their company.
@j_opdenakker Hi. You're doing great in your awareness blog series. I will surely refer your blog series during our internal security awareness session for reading. Thanks.
— πΈπ€πππ£ πππ§ππ (@soaj1664ashar) October 20, 2019
I also monitored a bit where it was shared. And I was for instance very pleased to see that my blogs were linked on this website of a senior computer group.
Well this is mighty cool. I discovered that the site https://t.co/Xz7s3T5HxE a site for seniors linked all my blogs so far. This makes it all worth the effort!#CyberSecurityAwarenessMonth pic.twitter.com/r9s2fQgyRu
— John Opdenakker (@j_opdenakker) October 19, 2019
This was exactly where I hoped for, and even if it's still a small impact every single person that I could help improving their online security is a win. I hope that these blogs will be helpful for more people in the future to improve their online security. So please keep sharing them!
What I learned from it
For me for several reasons this journey was interesting. I learned a lot about different security topics. And maybe more importantly, I learned how to express security topics in a simple way.
This awareness blog series is helpful to me in several ways.
— John Opdenakker (@j_opdenakker) October 17, 2019
- I learned several new things myself
- I improved in expressing security topics in a simple way
- I got in touch with a few non #infosec ppl who are eager to help spread awareness#CyberSecurityAwarenessMonth
It also was a good exercise in perseverance and in the future I will certainly benefit from the effort I put into it.
Some stats
- 31 blogs written in October
- Between 60 and 80 hours of writing
- Bounce rate: 74.48%.
- Most viewed post: Why Everyone Should Care About Online Security
- 12,876 unique visitors to my website, which is more than the triple of a normal month
What's next?
It was a great blogging adventure. It costed me a lot of energy but the blogs were very well received. It was particularly rewarding that I also reached some people for which this series was actually meant, the ones that are the most vulnerable to online threats.
I will take it easy for a while now to recharge the batteries. But this is certainly not the end, I have always tweeted and blogged about security awareness and I'll continue doing so. I have several ideas both about the content I want to provide and how to reach more people.
All 31 blogs are listed in this post or can be found in this Twitter thread. Please share them with your non tech family and friends, thank you!
Will add my #CyberSecurityAwarenessMonth blogs to this thread.
— John Opdenakker (@j_opdenakker) October 5, 2019
If you like the content please retweet and feel free to share elsewhere. Help me reach ppl that are less aware about online security!
Oct. 1: Why everyone should care about online security. https://t.co/gGlQz70PKy
If you want to stay informed about my future activities is by following me on Twitter.
