\u2022 Live events help lessons sink in. Hold monthly brown-bag awareness lunches for departments or remote facilities.\u2022 Stay in people's faces: Publish a monthly newsletter on current security threats and issues. Report security metrics, both good and bad.\u2022 Find ways of expressing the cost-avoidance benefits of improved security. For example, put a dollar amount on fewer incidents and shorter recovery times.\u2022 Have the CEO and other top executives attend security Q&A meetings (and have them take some questions). Make sure important security memos go out under the CEO's name.\u2022 Have direct contact with employees. Manage by walking around!\u2022 When new threats emerge, act quickly to inform the enterprise. Demystify but don't scare.\u2022 Make awareness initiatives vivid so that they are felt on a personal gut level by individual employees.\u2022 Engage in multimedia education: posters, online tutorials, live events, podcasts.\u2022 Focus on high-value awareness initiatives: loss-prevention in retail businesses, counter-competitive-intelligence strategies in research-rich environments, data privacy in financial institutions. *\u2013L.M.