As most of our readers know, the past three years we participated in Cyber Security Awareness Month by covering a special topic each day.  We are less than two months away from this year's awareness campaign and we are looking for your ideas on what we should focus on this year.  Here are links to summaries of the past three years so that you can see what we've done:

2007:  http://isc.sans.edu/diary.html?storyid=3597

2008:  http://isc.sans.edu/diary.html?storyid=5279

2009:  http://isc.sans.edu/diary.html?storyid=7504

The handlers were discussing this topic a couple of weeks ago and came up with some ideas.  Here is what we've been noodling as possible topics for 2010:

- Key services that should or should not be running, and how to secure those services that are necessary
- How to secure popular applications in categories like social (Facebook, etc.), desktop (MS Office, etc.), mobile (iPhone apps, etc.), web apps (online banking, etc.) and cloud (Google Docs, etc.)
- How to use security tools like Nessus or Wireshark
- Manipulating Windows registry settings
- Security horror stories

We'd really like to do something that has a lot of meaning for our readership.  So use the comment link below to add your ideas and thoughts, or if you want to share your thoughts privately with us use our contact form.  In the past, we've had a general theme for the entire month then discussed sub-themes each week.  If you look back at the previous years you can see how that theme is carried out.

Marcus H. Sachs
Director, SANS Internet Storm Center