I’ve taught a lot of different classes over the years, and always found the different structures to be pretty interesting.
On one end were highly scripted first aid classes that forced us to show crappy “Help! I’ve fallen!” videos produced in 1878 accompanied by a mandatory script. The name of the game was baseline consistency. Lock everything down as tight as possible because you can’t predict the quality of the instructor. Heck, few CPR instructors have ever actually done CPR. I know how I taught changed after I cracked some ribs on mostly-dead people.
(No, they don’t wake up and thank you like on Baywatch. And they are never that hot or in bikinis. Well sometimes bikinis, but trust me, you really should dress more appropriately before letting your heart stop.)
In a completely different direction is martial arts – which is all about tailoring the experience to best connect with the student over many years. I only ran a solo class for about 6 months while my instructor ran off to start his family, and learned a hell of a lot in the process. Then my IT career hit and that was the end of that.
Why bring this up now? I’ve been hip-deep in pulling together all the final materials for the first fully packaged CCSK class we will be teaching June 8-10. For the first time I’m in the position of developing courseware for a structured class, with hands-on, which others will have to teach.
The lecture slides are pretty straightforward, although we have to be careful to include plenty of instructor notes and not assume any experience level. The hands-on exercises? Those are a challenge. Building the scenarios wasn’t too tough. But it takes me 5 times longer to convert one into a package someone else can teach from. Everything has to be scripted, packaged, and able to run on everything from a high-end Mac Pro to a freaking Speak-n-Spell. And run a private cloud for 40 students on a Windows ME netbook.
A lot more people have performed CPR than have built private clouds.
I’m not complaining – it’s a blast to work with my hands again. Although I have always sucked at debugging, and my wife is pissed I keep bleeding on the floor from banging my head against all our walls.
But it’s very cool to put everything together like a puzzle. Pre-script pieces in module 1 we won’t need until module 8, just so students can focus on the concepts rather than the command lines, while still giving advanced folks freedom to explore and play so they don’t get bored.
I just hope it all works.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Adrian quoted in CSO Magazine.
- Rich on security and the AWS outage.
- The Network Security Podcast, Episode 239. With special guest Josh Corman.
Favorite Securosis Posts
- Mike Rothman: Why We Didn’t Pick the Cloud (Mostly) and That’s OK. Who else gives you such a look into the thought processes behind major decisions? Right, no one. You’re welcome.
- David Mortman: Why We Didn’t Pick the Cloud (Mostly), and That’s Okay.
- Adrian Lane: Why We Didn’t Pick the Cloud. Operations played a bigger part in the decision process than we expected.
- Rich: Software vs. Appliance: Software.
Other Securosis Posts
- Incite 4/27/2011: Just Write.
- Security Benchmarking, Beyond Metrics: Benchmarking in Action.
- Security Benchmarking, Beyond Metrics: Index.
Favorite Outside Posts
- Mike Rothman: DHS chief: What we learned from Stuxnet. How cool would it have been if Secretary Napolitano had just said “We’re screwed.”? We are, but this article hits on responding faster and more effectively.
- David Mortman: TCP-clouds, UDP-clouds, “design for fail” and AWS. Because DR is a security issue
- Adrian Lane: Anatomy of a SQL Injection Attack.
- Dave Lewis: DHS needs to point finger at self, not private industry.
- Rich: Richard Bejtlich’s Cooking the Cucko’s Egg.
Research Reports and Presentations
- React Faster and Better: New Approaches for Advanced Incident Response.
- Measuring and Optimizing Database Security Operations (DBQuant).
- Network Security in the Age of Any Computing.
- The Securosis 2010 Data Security Survey.
- Monitoring up the Stack: Adding Value to SIEM.
- Network Security Operations Quant Metrics Model.
- Network Security Operations Quant Report.
- Understanding and Selecting a DLP Solution.