General discussion


I'm in between a rock and a hard place - can I have some help, please?

By gadgetgirl ·
By way of explanation, a bit of background?..

I was opted onto a group formed within the IT department and given the remit of improving departmental communications. For our sins, we came up with having a bi-monthly team luncheon to catch up with what each of the teams is currently undertaking, which projects are due/completed etc.

This started ok, with the department head giving a talk on the strategy of the ICT department, an update on the National picture, and its associated projects. The Information Management team then did a 10 minute presentation on their part of things, I did 10 minutes on the National Smart Card system, then we had a knowledge quiz after lunch.

Then the bombshell was dropped as to the next few ?ICT Luncheon Sessions?. Each team takes a turn for the next couple of meetings, and presents something FOR TWO AND A HALF FLIPPIN? HOURS on their topic. The parting shot is that whilst all other sessions will be run by teams of at least 6 people, I?m in the unfortunate position of being in a team of one. Me. That?s it, that?s all, just me. And security is one helluva topic to try and make interesting to an IT Department full of techies who already know about security???

So, guys, I need help. I have no problem giving presentations, doing induction sessions etc., and I?m not at all bothered about standing and talking in front of people, with or without making a fool of myself (I have tripped over so many specs of dust on a stage you wouldn?t believe it)

What do I do to fill 2.5 hours? It wouldn?t be as bad if I could give the general Information Security talk, but as these guys hear it twice a year from me anyway, there is absolutely no point, and I think they?d hang me out to dry if I did it again.

How, after I?ve filled those 2.5 hours, do I do a knowledge check on them, without doing a quiz?

I have around six weeks to the Luncheon date; the reason I?m starting now is that I know, because I do incident investigation, that I could be pulled off this particular project at any time, to take control of the response team.

So ? any ideas, silly security stories, powerpoint shows more than gratefully received. I really am at my wits end as to how to fill this void in time.

I know you?ll help if you can, so in advance of all the support I just know I?ll get from here, have a small but meaningful present from me, by clicking on this link?..

Many, many thanks in advance


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Try a temp agency or recruiter

by In reply to subject for you

My husband had an experience with someone who looked like you described yourself, but he was also very short and black, although he seemed to see fine. He came in with a team to do a 6-week, work-intensive project with 5 others, and he did more to enlighten people's view on the "handicapable" than anything else we've seen. He was a great guy, a good worker, and if he hadn't moved, I'd place him in a heartbeat.

In California, companies that have contracts with the government are required to have "quotas" (I forget the euphemism that they use) of minorities, women and disabled.

My point: try contracting at defense contractors, NASA, or government directly.

Collapse -


by IT cowgirl In reply to subject for you

Please enlighten me how this applies to security?

Collapse -

Talk suggestion

by Morti In reply to I'm in between a rock and ...

Tech Republic has some material they call Lunch & Learn that may be of help for you. One I have looked at focuses on computer security and includes PP slides as well as suggested verbage.

Not knowing the audience it is hard to hit the target, but some other thoughts are: telecommuting, changing from landline to cell phones, the future of backshoring, the whys & wherefors of computer security outside the office (or on the road.

Hope this helps.

Collapse -

security topics

by v_vegso In reply to I'm in between a rock and ...

Latest tech articles about security developments. List of new viruses, and why or why not are severe threat(rating them). Research and list magazines and web sites that would help newbies in the security field. Talk about new companies that offer any new products or services. Schools that offer courses and quality of them. Rate books, etc... You can do the ratings of these items which would take time and also expose that you are a guru !!!

Collapse -

Customer oriented

by Morti In reply to I'm in between a rock and ...

Many support folk seem to forget that the users don't have nearly as much training or interest in technology as the techs have. There are a couple sites I have found that could be used to start some customer empathy training. One is and the other is
Many of these will seem humorous at first but you could then ask the audience how the tech could have acted to better serve the customer. After the initial response of returning the computer because the user is too dumb to have it, how do you resolve the situation and make the customer / user feel good about themselves and your professional support. After all, we want to be seen as value added rather than a sufferable necessity.


Collapse -

step way, way out of the box

by danetter In reply to I'm in between a rock and ...

If communications are as important as the charge implies, there should be a system for that purpose -- departmental communications. Talk about the design of such a system. Look up the approach used by Gerald Nadler. Point out that there actually is already an informal, undefined system that has been judged not to work well enough. Emphasize the question of whether such a system might be useful or even could be designed, and, if so, how it could be designed. Most of your audience will think the whole notion is ridiculous; hopefully at least a few of the brighter and more thoughtful will understand.

Collapse -

Reverse Order

by plumley In reply to I'm in between a rock and ...

Since 'security' is the topic, take the best electic ideas you get here and create a 'Pop' quiz. then explain the best answer for each twist.
i.e. 1 - Would you give away your password for candy? About a thousand people in Picadilly Circus gave their passwords to researchers for a piece of chocolate. (Note - password without userID) 2 - Would you put a 'Free' CD in your machine at work? About 1200 loaded a self-destructing phone home bug on a CD given to them as they exited the London Underground. 3 - Do you remember DOS, specifically interrupt 13? Why are we glad it is gone? And do you understand the Virtual Machine equivalent and its impact? 4 - If the big threat is the 'RootKit', should security design and install one first to monitor systems? If so, How do you build one that nobody else can subvert? Sony and Symantec didn't know. Last Question - Did you ever tell somebody something you should not have? How are you going to keep that from happening again?

Collapse -

It Seems To Me

by dask In reply to I'm in between a rock and ...

It appears that initially these sessions were built to provide an opportunity for various technical specialists to communicate ideas, visions, strategies, etc.
Now it sounds like they have adjusted the focus to a pulpit training for each unit.
I suspect that most of what you would like to convey to them, you have via policies, guidelines, discussions, etc.
To develop your 2 1/2 hours,
1. could you determine some of what keeps those individuals up at night (worries) and integrate your discusssion into those areas.

2. I used to do a periodic security survey with inbedded questions like, "Do you think that it wastes organizational funding (that might be used for merit increases or profit sharing, etc.) for people who play solitaire, doom, or shop for their next stereo while at work? Try some thought provoking question based on their business concerns and then provide facilitation of interactive ideas on those concerns. In essense, be the conduit to get them to provide the training and ideas to fulfill their own needs.
Needless to say, try to focus the question on things that concern the organization's security needs as well, but bring it down to their business requirements, not yours.
This may enlighten you, provide you with new ideas, and concerns (sleepless nights), but it may also help integrate your focus areas (availability, data integrity, and confidentiality) into their processes.

What do you think?

Collapse -

More items to talk about

by rreichma In reply to I'm in between a rock and ...

What about covering Business Compliance activities from a security point of view, covering such items as:

Security Status Checking (Health Checking) of Infrastructure devices covering Networks and Client Server environments.

Security and Integrity Management (Apar Management)

User Id Management and Revalidation with an emphasis on Priviliged and Shared Users.

Portable Media, Disaster Recovery, Firewall Management etc etc etc.

Collapse -

Security topics for security people

by pete1978 In reply to I'm in between a rock and ...

Okay, granted that most IT workers are already familiar with security topics, but this does not mean that they apply them. It seems curious to me that you seem to have a dual role. First, you are the communications team person. Second, you are in a security leadership role. BTW, I did not list this in any particular order.

My question is why did they take a person from the security leadership position and give that person the additional responsibility of addressing communications issues? Perhaps there is a relationship. Perhaps, higher authorities have come to realize that there are security issues within the department's communications.

That, therefore, could be a topic -- Communication Security. Or what to say and what to not say in communications.

Related Discussions

Related Forums