Looking back on 31 days of security

It's been a week since I wrote my last blog. I needed a bit of a break after 31 consecutive days of blogging. In this blog I'll look back on my "adventure".

How it started

I was talking with several people on twitter about security awareness and the fact that we barely reach people outside the information security community with our message. I assumed it had to do with the fact that there's not enough security (awareness) related content tailored to non tech people. And maybe even more importantly, even if that particular content exists it probably doesn't reach the audience who needs it most.

I did some polls to see what other people thought about it.

Most voters agreed there is not enough good content and in the replies some people also pointed out that even when the information is available it doesn't reach the target audience.

Only 6% of my Twitter followers that voted on the next poll are non tech users. So it's clear that via Twitter only I am not going to reach the people who need it most.

And probably this holds true for other security professionals as well. The problem is that Twitter is the only social media platform on which I have some reach.

But first things first, that's why I started with creating some content for non tech users. I created this collection of existing resources for the average user.

The journey

I wanted to go a step further. And then I got an idea. I get ideas all the time, but this one was pretty crazy.

I got a lot of good suggestion in reply to this tweet and I started planning about which topics I would write and what was the logical order to publish them.

I thought it was important that the series of blog posts became a coherent whole. I was particularly happy that it was also perceived as such.

I knew that with only 1 week of preparation it was going to be challenging. I wanted to take a bit of a headstart, but I only succeeded in completing 2 blogs before October started.

Remarkably enough, the first 9 blogs went pretty smoothly. But then the blog about how a VPN increases privacy and security took me a lot more time, whilst it actually should have been one of the easiest to write.

I struggled more and more along the route, mainly because of fatigue.

Like I said I won't do this anytime soon again. For an entire month I didn't do anything else than doing my dayjob and writing a blog at night, so I haven't been the most pleasant company for my family. On the other hand it was only one month and based on the awesome feedback I got I think it was totally worth it.

I received much more reactions from people that appreciated my blogs, unfortunately I can't put them all here, but know that I really appreciated every single one of them. It really kept me going!

Reaching the target audience

I explicitely asked people to share my blogs with their non tech family and friends in the hope to reach the target audience. I was glad to see that people did and the blogs were massively shared on Twitter.

But also on other social media. Ayelet for instance, who has been wonderful and shared and endorsed a lot of my posts.

Or people sharing it within their company.

I also monitored a bit where it was shared. And I was for instance very pleased to see that my blogs were linked on this website of a senior computer group.

This was exactly where I hoped for, and even if it's still a small impact every single person that I could help improving their online security is a win. I hope that these blogs will be helpful for more people in the future to improve their online security. So please keep sharing them!

What I learned from it

For me for several reasons this journey was interesting. I learned a lot about different security topics. And maybe more importantly, I learned how to express security topics in a simple way.

It also was a good exercise in perseverance and in the future I will certainly benefit from the effort I put into it.

Some stats

  • 31 blogs written in October
  • Between 60 and 80 hours of writing
  • Bounce rate: 74.48%.
  • Most viewed post: Why Everyone Should Care About Online Security
  • 12,876 unique visitors to my website, which is more than the triple of a normal month

What's next?

It was a great blogging adventure. It costed me a lot of energy but the blogs were very well received. It was particularly rewarding that I also reached some people for which this series was actually meant, the ones that are the most vulnerable to online threats.

I will take it easy for a while now to recharge the batteries. But this is certainly not the end, I have always tweeted and blogged about security awareness and I'll continue doing so. I have several ideas both about the content I want to provide and how to reach more people.

All 31 blogs are listed in this post or can be found in this Twitter thread. Please share them with your non tech family and friends, thank you!

If you want to stay informed about my future activities is by following me on Twitter.

John Opdenakker

John Opdenakker

Blogger | #Infosec | #AppSec | Security awareness | Occasional Public Speaker | Cycling | Running | Enjoying life