How to talk about activism and security in a non scary way

From DevSummit
Jump to navigation Jump to search

HOW NOT TO FRIGHTEN PEOPLE INTO PARALYSIS AROUND DIGSEC TECH

education theories re how much content can be received, 5 mins worth, sensitive to the digestion of the audience using basic pedagogical principles first (brief chunks, varied format etc)

let's empower the audience (one concrete thing you can do soon)

parallels with public health education

exploiting people's pain in donation pitches via fear

how people avoid you at parties coz you talk about scary topics

promoting herd immunity for digital security, lack of implemention around us endangers us

talk about using easy low hanging fruit: a password manager (washing your hands) instead of extreme examples: zero day exploits (cancer statistics)

avoid shaming

Freire: letting people choose their own engagement, language for how they engage

highlander approach (rosa parks) movement building

bread & puppet (education as playful, theatrical)

introduce options vs monolithic checklist of shoulds

coming as a stranger with a message vs internal community education

crisis response vs building digsec alternatives

offering people water vs bringing a firehose

using stories of small wins vs dramatic fails

seeking funding sources for peer review of educational materials

concrete vs nebulous threats (climate change messaging fails research)

individual responsibility vs critical analysis of institutional problems

proportional response & reframing

sweeten the message with humor

brevity

jargonwatch

digsec harm reduction: talk about clear specific measurable risk paired with action

overlap with environmental justice & health education