Skip Navigation
BlackBerry ThreatVector Blog

Cyber Security Training Haikus: Shellcode Returns

RESOURCES / 05.09.19 / Steve Mancini

As Deputy Chief Information Security Officer, it often falls to me to come up with new and entertaining ways to engage our employees with the kind of in-depth security training mandatory at a large cybersecurity company. 

Prior to National Cyber Security Awareness month (NCSAM) last year, I made a joke on an internal coms channel about penning an original security haiku each day that month. That simple joke stuck with me and I thought... why not? 

So, each week I spent some time over coffee crafting security haikus and penning an email to be sent to the entire company each Monday morning. After the first week, something surprising happened - our employees started replying to my daily emailed haiku by sending me their own haikus in return. 

Here are a selection of some of my favorites. Part 1 of this series can be found here.

Corrupted header

Shellcode returns to libc

Bug bounty award

- by Eric Kaiser
Security Automation

Classified data

No matter where you store it

Keep it encrypted

- by Steve Mancini
Deputy CISO


Happy Hour banter

Overheard in public place

Curb work topics there

- by Steve Mancini
Deputy CISO 


Settle down email

A devious phishing loose

Watching the trusted

- by Tim Horton
DevOps Engineer Assoc Principal 

The Cloud is your friend

Who shares company secrets

Secure your buckets

- by Steve Mancini
Deputy CISO

Classified info

Plus audience confusion

Equals data breach

- by Gabe Deale
Worldwide VP of Sales Engineering 

Further reading:

Read my original post here: Creating Engaging Security Training for Employees
See more security haikus hereCyber Security Training Haikus Part 2: Shellcode Returns

COPYRIGHT: All cybersecurity haikus © the BlackBerry Cylance employees named above. Kindy give them author attribution if sharing these haikus elsewhere.... because it's just a nice thing to do. ;)

Steve Mancini

About Steve Mancini

Deputy Chief Information Security Officer at Cylance

Steve Mancini currently serves as the Deputy Chief Information Security Officer at Cylance, where he and his team focus on risk management, security strategy, operational security, and incident response for the company. Steve worked for seventeen years at Intel, where he established programs around security community outreach, threat intelligence, APT response, and emerging threat analysis. Outside of work he co-chairs efforts to formalize a threat intelligence sharing policy framework (IEP), contributes to several working groups through the CEB CISO Coalition, and serves on the program committee for some of his favorite security conferences.