"Awareness as a service" term is used by security companies to provide a complete package with targeted security awareness activities for their customers (organisations in need of security awareness trainings) and includes:

• progress per department and employee
• intermediate quizzes to test knowledge
• monthly reporting and advice (pass/fail details from phishing emails, postcampaign training/retraining results)
• phishing simulations (provides insight into how often employees open phishing emails and whether they click through on URLs and attachments)

* source1, source2

It will be an interactive book on security for each member of a family (3 levels) + review on each member (who read, what read, how long, test results) + notification to review information + email phishing simulation (with reports).​

Here's how we're (I'm so far) planning to make the coolest security book ever 😂

🚀 Shipped​

• ❤️‍🔥 nothing yet

Q3​

• 📖 first draft of the book (for everyone)
• 👪 family managment system (roles, authorization, notifications)

Q4​

• 💡 reading progress monitor (by chapter, time reports on each)
• 🔖 activity monitor (test reports)
• 👶 first draft of the book for kids
• 💌 phishing simulations

2022 Q1​

• 🤸 phishing simulations reports
• ❓ if you have any ideas please let me know... time to create an email for this?

Knowledge and format should be designed specifically for the audience this project is targeting. Each target group should be analyzed and identified which security risks could affect them. My mom represents one group, my friends daughter, as a primary school pupil another and her grandparents - third.

It is important to consider the experience and knowledge of each group independently. This information should include their Internet usage and online activities, their level of awareness of information security issues and their level of awareness of safety measures. That brings to the question how to organize it? What format is suitable for this? How do we learn the best?

When talking about learning styles need to mention David Kolb and his experiential learning:

As well as "Reflective practice":

This project is asking for something as simple as a book, but with interactive tests and tasks to validate acquired knowledge. Not PDF or Epub, but an interactive web based book. It is possible with HTML to make it look nice, easy to keep it updated, easy to implement tracking of reader's progress, very doable to create feedback and test a reader.

Something as beautiful as Kasper and Kuma. "A joint publication of Marlies Slegers and Kaspersky Lab to take children aged 6 to 9 on a journey to explore the digital world in a safe way.

Informative as many available online video courses on security Security Awareness Training on Udemy:

And interactive as these examples (sadly I find these examples aren't good, but at least its idea very appealing):

Magical work by JASON LYON, @jasonlyon_

Who is talking? I'm an information security hobbyist with technical background. This hobby started almost 20 years ago and still burns me with excitement. Thanks to luck and some hard work, now I have the freedom to work on my own projects. I create them by myself (sometimes with help from my friends or outsource) and decide what they should be like. Mostly into /dev/null, but not this time. This time I really found something interesting and it clicked - the idea of writing on security with art (🤞 hope I will be able to work with someone like Jason ^) and technology. Coding a book! I have limited knowledge of JavaScript, some Ruby or Python, curious about visualization and retain some knowledge on security from experience and vastness of the internet. This is already enought for me to be excited!

Cybersecurity issues became a day-to-day struggle for businesses, but also individuals. The global pandemic has paved avenues to target many new victims, remote workers, senior citizens, and kids. And this includes my own family. Long time ago in my family we introduced a verification method among relatives in case one of us is requesting any sensitive information (passwords, banking details or asking for money). It is very simple - we ask each other tricky questions that only participants of the conversation would be able to answer. "What's the name of my friend who lived in apartment 19?" or "Where is your favorite vase from?" And if I couldn't get the right answer - it means something is not right. It works in some cases, but it's not enough to avoid many other scams.

The Internet is evolving, online attacks and scams as well are getting more sophisticated. I've noticed that my parents, my friends, and their kids all lack basic knowledge on how to navigate safely online. There is a lot of information and training online, but they are mostly "dry" and boring. Made for the corporate world, by the corporate world. And here I am with my quest to explore the possibility to produce something meaningful and enjoy the process of creating along that path.

I'm going to create this for my mom and my friends who are with non-technical background to see if it makes sense to release for the public. To see if this project can empower them with necessary knowledge and skills they need to stay safe online. To raise their awareness of the risks they face and educate about the safety and security issues they may encounter in their everyday life.

My first step is to explore current trends and solutions for cybersecurity awareness among individuals. To see how big corporations perform their training, what format of training works the best and how to recreate it for my friends and family.