Like this post? Want to comment? Join Ricochet’s community of conservatives and be part of the conversation. Join Ricochet for Free.

There are 35 comments.

Become a member to join the conversation. Or sign in if you're already a member.
  1. TG Thatcher
    TG
    @TG

    Most of the security training videos are cheesy. Unfortunately, the security training materials that are not cheesy are snooze-inducing. If the goal of the security training materials is to get people to think, a bit, which do you think is preferable: that trainees are laughing about the silliness, or that trainees forget the training immediately?

    • #1
  2. TG Thatcher
    TG
    @TG

    The other thing you know, but have forgotten momentarily (yes, I’m assuming, bear with me, grin) in your amusement: it’s one thing for people who are dealing with high-level sensitive stuff on a regular basis to remain vigilant. It’s a different (and difficult!) thing to maintain security awareness among the many people who only deal with the day-to-day little stuff that is not sensitive in isolation (info bits that can potentially be put together to create more valuable pictures).

    • #2
  3. Claire Berlinski, Ed. Member
    Claire Berlinski, Ed.
    @Claire

    TG:Most of the security training videos are cheesy. Unfortunately, the security training materials that are not cheesy are snooze-inducing. If the goal of the security training materials is to get people to think, a bit, which do you think is preferable: that trainees are laughing about the silliness, or that trainees forget the training immediately?

    So you think the ODNI screenwriters were sitting there with their feet up and a bunch of empty pizza boxes on the floor and one of them says, “Okay, so the way we deal with this embarrassing thing where we lost everyone’s data is we cast the world’s dweebiest closet case in the role of the ‘economic analyst,’ right? And then we get “Boris the Foreigner” to run into him by accident, we can show him wrestling with his conscience as he struggles between his libido and reporting this to the security office … they’ll be rolling.”

    So what’s the video that makes people think about who should run the OPM? I guess they need a really cheesy video to make everyone laugh and think closely about that kind of hiring decision, because obviously that lesson was a snoozer.

    • #3
  4. Robert McReynolds Member
    Robert McReynolds
    @

    It’s true. The training videos are either boring, cheesy, or haven’t been changed since at least 2005. I know I just had to do a few mandatory ones and they were exactly the same as they were when I joined the Navy in 2005.

    • #4
  5. Casey Inactive
    Casey
    @Casey

    Yeah, Claire. This is corporate life right here. Have to watch stuff like this all the time.

    This is what college prepared us for.

    • #5
  6. FightinInPhilly Coolidge
    FightinInPhilly
    @FightinInPhilly

    These videos are usually shown in a group setting. After it ends, the moderator, usually a lawyer, stands and says something along the lines of “ok, that was totally cheeseball, but lets talk about the issues at hand.” Good discussions usually follow.

    Remember, when we took down the Iranian reactor a few years back with the Stuxnet virus, we got the virus into their network by hacking the suppliers. The Iranians bought the malware. Which is kinda cool. (an earlier theory was that we had left thumb drives in cafe’s all around the area, where eventually an employee picked one up, took it to work, and stuck it in the USB port of his computer.)

    Employees are ALWAYS the weakest link in any cyber security plan. People do profoundly dumb things.  All the encryption in the world doesn’t help when your password is: password.

    And speaking of taking down Iranian reactors, ladies and gentlemen, AC/DC !

    • #6
  7. Percival Thatcher
    Percival
    @Percival

    Claire Berlinski, Ed.:

    TG:Most of the security training videos are cheesy. Unfortunately, the security training materials that are not cheesy are snooze-inducing. If the goal of the security training materials is to get people to think, a bit, which do you think is preferable: that trainees are laughing about the silliness, or that trainees forget the training immediately?

    So you think the ODNI screenwriters were sitting there with their feet up and a bunch of empty pizza boxes on the floor and one of them says, “Okay, so the way we deal with this embarrassing thing where we lost everyone’s data is we cast the world’s dweebiest closet case in the role of the ‘economic analyst,’ right? And then we get “Boris the Foreigner” to run into him by accident, we can show him wrestling with his conscience as he struggles between his libido and reporting this to the security office … they’ll be rolling.”

    Après CCCP, the security department of the company I was working for was more worried about the French than they were about the Russians. They weren’t shooting for world domination; they were poaching contracts. We were treated to a video of Suzette slinking up to an engineer in a bar, telling him that “your work – eet eez so –fascinating. Tell me more about zee radar ….” My initial impression was that when it comes to cheese the French have nothing on us.

    And twenty five years later, I still remember it.  I still laugh at it, but I guess it works.

    • #7
  8. Casey Inactive
    Casey
    @Casey

    Percival: but I guess it works.

    I doubt it.

    • #8
  9. Basil Fawlty Member
    Basil Fawlty
    @BasilFawlty

    Such videos are almost always produced by envious contractors from the private sector who sell them to the government to torture federal employees.

    • #9
  10. Vance Richards Inactive
    Vance Richards
    @VanceRichards

    How to Spot a Spy

    You are a techie and/or data analyst. An attractive woman shows interest in you. Of course she’s a spy.

    • #10
  11. Seawriter Contributor
    Seawriter
    @Seawriter

    FightinInPhilly: All the encryption in the world doesn’t help when your password is: password.

    Who told? I sure didn’t tell anyone that was my password.

    Claire Berlinski, Ed.: It’s not a parody. That’s what I thought, too, but nope: You paid for the production of that video.

    The bit I saw looks just like similar videos produced by Boeing and NOV I had to sit through . . . annually . . . while employed at those companies. Cheesy and sleep-inducing. And mandatory. Did I mention there is a test at the end?

    Seawriter

    • #11
  12. Front Seat Cat Member
    Front Seat Cat
    @FrontSeatCat

    TG:The other thing you know, but have forgotten momentarily (yes, I’m assuming, bear with me, grin) in your amusement: it’s one thing for people who are dealing with high-level sensitive stuff on a regular basis to remain vigilant. It’s a different (and difficult!) thing to maintain security awareness among the many people who only deal with the day-to-day little stuff that is not sensitive in isolation (info bits that can potentially be put together to create more valuable pictures).

    Did Hillary miss this training?

    • #12
  13. Misthiocracy Member
    Misthiocracy
    @Misthiocracy

    Claire Berlinski, Ed.:

    TG:Most of the security training videos are cheesy. Unfortunately, the security training materials that are not cheesy are snooze-inducing. If the goal of the security training materials is to get people to think, a bit, which do you think is preferable: that trainees are laughing about the silliness, or that trainees forget the training immediately?

    So you think the ODNI screenwriters were sitting there with their feet up and a bunch of empty pizza boxes on the floor and one of them says, “Okay, so the way we deal with this embarrassing thing where we lost everyone’s data is we cast the world’s dweebiest closet case in the role of the ‘economic analyst,’ right? And then we get “Boris the Foreigner” to run into him by accident, we can show him wrestling with his conscience as he struggles between his libido and reporting this to the security office … they’ll be rolling.”

    I’ve found myself in situations where I’ve been told by a client to make a communications piece less attractive because they want it to be more memorable. “Making it look good is less important than getting people to read it.”

    • #13
  14. Old Bathos Member
    Old Bathos
    @OldBathos

    It is cheesy because we want our federal employees to leak.  We want the Chinese to blackmail regular federal employees for stored data.  We will then fill their data centers with solitaire scores, kitten/puppy pictures and porn links.  If they actually get any economic forecasts or other federal work product from these federal PCs, the joke is on them because that stuff is almost always wrong.

    • #14
  15. Blitter Inactive
    Blitter
    @Blitter

    Vance Richards:How to Spot a Spy

    You are a techie and/or data analyst. An attractive woman shows interest in you. Of course she’s a spy.

    I remember when the “I love you” email-malware was roaming around. Some guy who worked at the help desk said “I knew it was a trap as soon as I saw the subject line. Now if it had said ‘I hate you’, I would have clicked on that right away!”

    • #15
  16. Dustoff Inactive
    Dustoff
    @Dustoff

    FIGHTINPHILLY,

    How did you know my password is password?

    • #16
  17. Casey Inactive
    Casey
    @Casey

    Dustoff:FIGHTINPHILLY,

    How did you know my password is password?

    Curses, foiled again!

    DoRightCast

    • #17
  18. TG Thatcher
    TG
    @TG

    Basil, the contractors are also required to view the cheesy videos. (sad face)

    Front Seat Cat, Hillary in her Magnificent I-Am-Woman Wonderfulness did not need the training, obviously! [/end sarc]

    • #18
  19. Sabrdance Member
    Sabrdance
    @Sabrdance

    This dates back to at least WWII when Frank Capra discovered that soldiers retained information from a training film much better if the lessons were embedded in a story, which is how you got the classic tail of Sergeant Rock, who drilled the soldiers on how, if they were ever in (enter appropriate tactical situation here), they should immediately (take appropriate tactical action), and all the soldiers thought the Sergeant was being way too serious, but then one day they were patrolling in Germany when it happened, and just like they were trained, they did what they were supposed to do, and they all lived, except for poor Jimmy, who didn’t do what they were trained to do, and bought the farm.  And now we all remember the lesson.

    As recently as the 1980s I have recordings of AFN public service announcements on operational security that were not too dissimilar from this, except they were 30 second spots with a bunch of soldiers sitting around the table, chatting about unclassified stuff, while a Russian spy eavesdrops and fills in a crossword puzzle with clues from the conversation, figuring out that the US is going to deploy a new weapon in the Middle East (which was classified).  Been 30 years, I still remember it.

    • #19
  20. lesserson Member
    lesserson
    @LesserSonofBarsham

    Seawriter:

    FightinInPhilly: All the encryption in the world doesn’t help when your password is: password.

    Who told? I sure didn’t tell anyone that was my password.

    Claire Berlinski, Ed.: It’s not a parody. That’s what I thought, too, but nope: You paid for the production of that video.

    The bit I saw looks just like similar videos produced by Boeing and NOV I had to sit through . . . annually . . . while employed at those companies. Cheesy and sleep-inducing. And mandatory. Did I mention there is a test at the end?

    Seawriter

    I had to watch the time study video something like 4 times because some folks couldn’t pass the test, made me want to jump off a balcony.

    • #20
  21. James Gawron Inactive
    James Gawron
    @JamesGawron

    Claire,

    Well, that’s it then! HRC hadn’t seen this video. If only she had watched she would have been more careful. The poor thing just didn’t understand this fancy espionage mumbo jumbo stuff.

    Maybe Huma can put the video on the iPad after she draws a nice warm bubble bath for her. Then Huma will be able to tuck her in by 8 pm. She needs her sleep. It’s so exhausting having to fight the vast right wing conspiracy all day long.

    We must all be more considerate of her feelings.

    Regards,

    Jim

    • #21
  22. FightinInPhilly Coolidge
    FightinInPhilly
    @FightinInPhilly

    Casey:

    Dustoff:FIGHTINPHILLY,

    How did you know my password is password?

    Curses, foiled again!

    DoRightCast

    My posts are all listening devices for Van Eck phreaking. I know all the Ricochet passwords.

    • #22
  23. Hoyacon Member
    Hoyacon
    @Hoyacon

    It would have been better if they’d cast Steve Buscemi as the “federal employee.”

    • #23
  24. EJHill Podcaster
    EJHill
    @EJHill

    It really is counterproductive though, isn’t it? If there is a spy among you then any good information conveyed becomes a seminar in how not to get caught. Because we’re going to tell you exactly what we’re looking for!

    Duh.

    • #24
  25. Eric Hines Inactive
    Eric Hines
    @EricHines

    Keep in mind that this stuff has to be tailored to the audience.  Keep in mind, too, the state of modern public education.  The military’s regulations and manuals have to be written to the eighth grade level, not the adult level, in order to achieve broad understanding.

    These training videos might not seem all that cheesy to the eighth grade mentality at which they’re aimed.  Even the Hillary Clintons, Cheryl Mills, Bill Burtons, and Marilyn Mosbys of the world need help in understanding things normal people take as common sense with an occasional reminder.

    Eric Hines

    • #25
  26. TempTime Member
    TempTime
    @TempTime

    No sure if the initial complaint is about the acting or the script or the scenery … but it doesn’t really matter.  If that is the complaint, it is short-sighted IMHO.  People, particularly inside people , are the weakest link.  Social engineering is a topic that it is difficult for people to consistently be aware of as they go through their daily activities —  simply because it is natural for people to be trusting and curious.  Just look at what people share on Ricochet.

    In my opinion, if, as someone else already pointed out, cheesy gets the intended target audience of the video to think and talk about the art of human hacking, the video is a success.  No?

    • #26
  27. lesserson Member
    lesserson
    @LesserSonofBarsham

    TempTime:No sure if the initial complaint is about the acting or the script or the scenery … but it doesn’t really matter. If that is the complaint, it is short-sighted IMHO. People, particularly inside people , are the weakest link. Social engineering is a topic that it is difficult for people to consistently be aware of as they go through their daily activities — simply because it is natural for people to be trusting and curious. Just look at what people share on Ricochet.

    In my opinion, if, as someone else already pointed out, cheesy gets the intended target audience of the video to think and talk about the art of human hacking, the video is a success. No?

    When I was working on a BS in Network Security social engineering was focused on a good bit of the time. “Hacking” people is often the best way in for the very reason TempTime mentions. Most people in work environments (not all of course, we all know who they are) tend to be at least somewhat helpful to people they work with. They are also either unaware of or willing to break procedures for people they want to help to either be nice or save time.

    • #27
  28. Kozak Member
    Kozak
    @Kozak

    Gee if only some State Department employees had run to the IG when they noticed all those emails to and from that Clinton.com domain.
    Maybe they can do a video for that.

    • #28
  29. Seawriter Contributor
    Seawriter
    @Seawriter

    Kozak:Gee if only some State Department employees had run to the IG when they noticed all those emails to and from that Clinton.com domain.
    Maybe they can do a video for that.

    They almost certainly have a video on how to report problems to the IG. And I am sure after taking it merriment ensued among those who knew about Clinton.com.

    Seawriter

    • #29
  30. Anuschka Inactive
    Anuschka
    @Anuschka

    Sabrdance: they were 30 second spots with a bunch of soldiers sitting around the table, chatting about unclassified stuff, while a Russian spy eavesdrops and fills in a crossword puzzle with clues from the conversation, figuring out that the US is going to deploy a new weapon in the Middle East (which was classified). Been 30 years, I still remember it.

    That actually sounds interesting and clever. Why can’t the public university I work for show us scenarios like that? No, we get the eye-rolling videos of the stupid schlubs whose passwords are “password” and “123456789.”  I honestly can’t remember what was in my last cyber-security training. I only remember it was obnoxious and the answers were obvious.

    • #30
Become a member to join the conversation. Or sign in if you're already a member.