Digestable Risk Assessment: creating a security booklet to encourage secure thoughts, not just security tools

From IFF Wiki
Jump to: navigation, search
Digestable Risk Assessment: creating a security booklet to encourage secure thoughts, not just security tools
Presenter(s) Anqi Li, Michael Carbone
Title(s) Design Lead, Manager of Security Education
Organization(s) Access Now
Project(s)
Country(ies)
Social media
2017 theme Training & Best Practices


Thursday March 9 615pm-715pm at Think Tank

We created an introductory risk assessment booklet A First Look at Digital Security which tries to get people into the security mindset, not just present tools. It is an attempt to walk non-tech people through a risk assessment without using the jargon of infosec to do it -- the booklet uses animal characters to think through some intimidating situations where vulnerabilities and risks are mitigated using particular practices.

We have pushed the content and design files to GitHub:

https://github.com/AccessNow/A-First-Look-at-Digital-Security

This session would present the booklet for feedback, expansion, and use. Some ideas include:

  • There are currently four "security archetypes" and we hope to eventually have a rotating cast of about 10 or so -- always 4 in the booklet, but being able to switch in and out profiles based on the audience it is serving.
  • Ways to better collaborate on a design-heavy guide.

We'd love your thoughts on what would be most helpful for an accessible and approachable guide to risk assessment -- the goal is to produce a successfully evolving document and thoroughly community-focused project.


Format Workshop
Target Groups Software Developers, Security Trainers, Advocacy/Policy Professional, Front Line Activists
Length 1 hour
Skill Level Novice
Language English


Session Outputs

Next Steps

Additional Notes

Relevant Resources

Contributors