Creating Cybersecurity Content the EASY Way

Creating engaging and informative content in cybersecurity is a unique challenge. The subject matter can be complex and intimidating for many, yet the need for understanding cybersecurity is more crucial than ever. Leveraging people, processes, and technology effectively is essential for creating content that educates and entertains. The EASY Framework I developed offers a robust approach to achieving this. It was originally designed to help threat intelligence leaders build or correct the direction of their TI programs. Then I re-tooled it for security programs. But now, let's look at it for creating content. The acronym EASY stands for Elicit Requirements, Assess Resources, Strive for Impact, and Yield to Feedback.

E - Elicit Requirements

To start, you need to Elicit Requirements. In content creation, this means understanding the needs and interests of your target audience. This involves researching your audience's demographics, their existing knowledge of cybersecurity, and the type of content they find most engaging.

For instance, if you're creating content for a non-technical audience, you must elicit requirements such as using simple language, providing real-world examples, and perhaps focusing on topics like online privacy, safe browsing habits, or basic digital hygiene.

Creating content is about the audience.

But what makes content unique is you.

What do you have to tell your audience? Is it an experience you have, or are you looking to highlight the experiences of others?

The more of yourself you put into your content, the more it will be difficult for others to use your formula to produce the same.

There is no one better at being you than you.

Someone that does this exceptionally well is Ashish Rajan ????????♂? and Shilpi Bhattacharjee . They have mastered their niche and truly understand their audience. Check out their content here The Cloud Security Podcast.

A - Assess Resources

The next step is to Assess Resources. This includes your content creation team, the platforms you plan to use, your budget, and the time you have to create and promote your content.

Let's say you're planning to create a podcast series on cybersecurity. You need to assess resources like your access to expert guests, the quality of your recording and editing equipment, your team's audio production skills, and the platforms you'll use to distribute the podcast.

Look at what resources you already have and how you might leverage them.

As your requirements from the first step change, so might the resources you need.

One of the masters of using everything at their disposal is Daniel Miessler . If you look at just one of his newsletters, you can see the amount of detail and work that goes into an edition. But you better believe he is using every resource available to make that happen. Check out his newsletter and podcast, Unsupervised Learning.

S - Strive for Impact

The third step, Strive for Impact, focuses on creating content that will make a significant difference to your audience. This can be by educating them about important cybersecurity issues, providing practical steps to enhance their security, or simply providing engaging and entertaining content that increases their interest in the subject.

For example, you might create a series of short, animated videos that explain complex cybersecurity concepts in an easy-to-understand and fun way. If your audience is predominantly young and active on social media, these videos can have a great impact by reaching a wide audience and effectively conveying important information.

Note for marketers: Leads are important for business, but providing value is important content. Always give first, ask second, if at all. My philosophy is to provide content freely 80% of the time without an ask for something in return.

Jason Blanchard and John Strand are two of our community's best givers. From Backdoors and Breaches to pay-what-you-can training, they give so much to the community that it truly inspires.

Y - Yield to Feedback

The final step is to Yield to Feedback. This involves monitoring your content's performance, soliciting audience feedback, and adjusting your strategy.

For instance, if your recent blog post about password security received many positive comments and shares, you might create more content. Alternatively, if a video tutorial received feedback that the pace was too fast, you could yield to this feedback by slowing down in future tutorials, ensuring your content is as accessible and useful as possible.

Feedback is a gift; only some understand this to a level that Perry Carpenter and Mason Amadeus do. One listen to their show Digital Folklore, and you will feel the genius and openness to feedback with every episode. It truly is something to behold.

When applied to cybersecurity content creation, the EASY Framework provides a clear roadmap to effectively leveraging your resources to create impactful content. By eliciting the requirements of your audience, assessing your available resources, striving for impactful content, and constantly yielding to feedback, you can create cybersecurity content that educates and entertains your audience.

I'd love to hear what you think I should cover next! Could you drop it below and I will work it into future editions?