CreditsLast Updated 2016-03
There are many different kinds of digital security trainers, with many different habits and practices in turn - how can we be more aware of ourselves, and the impact of our own training habits on participants?
Leave a note anywhere on this page - look for the Hypothes.is toolbar in the upper right-hand corner.
In the context of online security training, the main goal of a trainer is to facilitate the participants’ understanding of online security risks and solutions, apply it to their real experiences, and make the decision to change their behavior and practices in using the Internet.
Jargon is a bit like a ‘secret language’ that is shared among people who are experts in a particular field – a shorthand in which complicated concepts get abbreviated into a single word or phrase. As long as the experts know what the jargon is, they can communicate their ideas clearly and more quickly than they would otherwise.
Jargon-Monster behavior in training is the over-use of technical terms without explaining what they mean. This behavior assumes that everyone in the room has the same background, experience and level of expertise on the topic. Ultimately, this behavior gets in the way of real learning. An effective trainer shouldn’t shy away from jargon, but s/he should define specific terms during the lessons.
Jargon balls let participants sound the alarm when jargon gets used. One or more soft balls (perhaps just a t-shirt wrapped up in tape) are handed out at the start of the class. Participants are invited to toss the ball at anyone who uses jargon (both trainers and other participants) in order to get them to stop and explain what they mean.
Another idea is to start a tech workshop by having a Jargon Jar session. You can use an actual jar (a big one), and then ask the participants to write down on small pieces of paper the technical jargon that they have heard or read before the training (one jargon or concept per piece of paper). Then collect the pieces of paper. The trainer then goes through each one and specifies in which session in the workshop these jargon / concepts will be covered. Of course the trainer has to remember to cover these topics in the appropriate session! Another way to do this is to draw a jar on a big piece of butcher paper and ask the participants to call out the jargon they have heard or read. Again, the trainer should go and specify when the jargon / concept will be tackled.
Think about the topic you are teaching and try to find practical, common-place analogies that can illustrate the concepts in a clearer way. For example, in a session on using PGP (Pretty Good Protection) to encrypt email, it might be more effective to tell participants that sending an encrypted email is like sending a padlock that only a person with the right key can open, before you try to describe the technology behind it.
Use multiple and layered metaphors in explaining concepts. One of the most common metaphors that security trainers use to describe the inherent insecurity of email, for instance, is ‘it’s like sending a postcard’, where everyone who gets hold of the postcard (from the mailman to post-office workers) can see what the sender has written on it. A layer is added to the metaphor when the trainer explains that using HTTPS in email is like “putting the postcard in an envelope”.
Don’t dismiss the effectiveness of a few stick drawings to illustrate a concept. They are more powerful teaching tools than a paragraph of words on the same topic. The challenge here for trainers is not whether or not you can draw like an artist, the challenge here is organizing how you will teach a concept. What are the processes involved in a specific session? How can you illustrate them in such a way that each process is clear to everyone?
Preparing presentations for workshops is part of the standard trainer’s routine, and there is undeniable value in using PowerPoint (or OpenOffice Present) in a training context. For one thing, if a trainer is dealing with a mixed-language group of participants (very common in regional and international training workshops), then having a prepared visual presentation to support the lecture can be an effective way to address language differences. Presentations coupled with a lecture also address two learner types: the visual and the auditory learners. This makes for a more effective training session.
However, good trainers know that a PowerPoint (Or OpenOffice Present) -based session can foster an inequality between The Trainer and The Participant. Unlike other presentation tools (i.e., drawing on butcher paper, mind-mapping on flip chart paper), a PowerPoint presentation is all about what the trainer knows and what s/he feels is important on a specific topic for the participants to know. This one-way The Trainer-to-The Participants approach that PowerPoint presentations can imply might eventually be a hindrance to getting the participants to understand concepts and apply them in their own lives, especially in the context of adult learning, where participants bring with them their own experience and expertise.
Generally, the way a PowerPoint-mediated session goes is that the trainer does a presentation, then an ‘open forum’ is tacked on at the end of the session for participants to ask their questions or provide feedback. This speaks to where the priority of a session lies, and the kind of unequal relationship between The Trainer and The Participants. Overall, this model of teaching is ineffective as it does not facilitate the participants taking control over their learning because it does not prioritize their needs, experiences and realities.
Worse, there are trainers who are really bad at preparing PowerPoint presentations. Those that copy + paste a whole bunch of text (usually from books, papers or project documents!) and expect it to explain concepts. Much worse still, those that read that copy + pasted text in place of doing an interactive session. This type of behavior belongs to the PowerPoint-Freak. It may make teaching easier for the trainer, but it definitely does not make learning easier for the participants.
If you really want to use your presentation to address visual and auditory learner needs, use images on your slides coupled with a spoken lecture. Use text in chunks and sparingly. Presentations are not meant to be read. They are meant to support what you are saying. Don’t ever copy a wall of text on your presentation.
7 to 8 slides per presentation should be enough. If you use more than that, it might indicate that you are speaking more than the participants, which is really not ideal for participatory learning.
Design your slides so that each ends with a question or questions, so you as the trainer are reminded to stop speaking and let the participants provide feedback or ask questions at each. Use your PowerPoint presentation to facilitate a discussion by ending each slide with questions that you want the participants to discuss.
These are some guidelines, but in general PowerPoint presentations should be kept to a minimum. If you spend more time preparing PowerPoint presentations than you do preparing questions to facilitate discussions, you may want to rethink your strategy. Good trainers must remember that effective teaching methodologies, especially in adult learning, always starts with the participants experience. The ADIDS methodology, which we address in the next module, is a good way to start.
One of the staples any technical training is the hands-on activity, when participants install and use new software that will enhance their safety.
Every so often, a trainer will get a participant who is not as used to handling a computer as their peers, and this can trigger Mouse Dominator behavior. This occurs when the trainer takes over the mouse and shows the participant what to do instead of allowing them to do it themselves. This approach can easily turn a hands-on activity into a learning barrier, because the participant is left unable to learn by doing.
Not everyone will learn to do things at the same speed. Some folks are more experienced and therefore will be quicker than others; those who are less experienced may feel awkward or powerless if they lose control of their computer. Instead, the trainer should physically stand behind or next to the participant during the hands-on activity, guiding them through the process rather than taking control of the mouse.
For hands-on exercises, it’s tremendously beneficial to work in training teams. One trainer stands in front, demonstrating the steps in the exercise, and one or more trainers (or assistant trainers recruited from your organizer or even your participants) provide supportive guidance to the participants as they follow the steps.
List the steps for the hands-on activity on butcher paper, a flip chart or a slide that you can project. In many cases, you will probably need to chunk these steps into task-based activities, and then go through the different chunks one by one.
Show your participants the steps in an activity before you ask them to replicate them. Using a projector at the front of the room, with additional instructors or helpers at the back, walk through each step and ask the participants if they are with you: Asking “is this what you can see you on your screen?” is a good way to know if everyone is following your demonstration, and if others are falling behind.
In digital security trainings, sometimes a little bit of fear-mongering can be necessary. Conveying the dangers of the online/digital world can be challenging as the associated risks are largely “virtual” and therefore not seen to be “real” by many people. For example, showing someone how easy it is to hack into a social network account can encourage participants to consider risk and danger in ways that a lecture never could.
However, responsible and ethical digital security trainers need to know when to stop. Sometimes fear-mongering is so “effective” that it fosters a feeling of dis-empowerment among trainees - the issue is perceived as ‘too big’ for them to handle, and therefore paralyses them when it comes to thinking of and practicing solutions.
An effective way to meaningfully convey the dangers of risky digital behavior to participants is to tell stories or case studies from experiences of other activists groups who have been put at risk because of their insecure online communications and practices. This kind of contextualized, experience-based (whether their own or others’) awareness-raising for online security issues can be really effective in getting participants to take lessons and training seriously.
A good rule of thumb for digital security trainers is for every fear you inspire, always have at least one solution or strategy that participants can employ to mitigate or address that fear. If the risk being discussed does not have a technical solution, be prepared to discuss “offline” or “physical” strategies and tactics that participants can master and practice instead. In cases where there are both “online” and “offline” strategies to recommend, discuss both - examples of “offline” strategies are effective for making sometimes daunting digital threats more relatable and therefore manageable.
A good trainer never wants to scare participants to the point that the only solution they can think of is to disconnect from the internet entirely - that’s not the point of digital security trainings! The point is to make them aware of the risks so they can be conscious and conscientious when it comes to their online communications and technology use practices.
Monologues are, if we count lectures, a normal part of training. Trainers are asked to speak about specific topics because they are knowledgeable on those topics; however, sometimes a trainer becomes so comfortable lecturing (or monologue-ing) that they become ineffective in actually teaching that topic. When a training becomes dominated by trainer monologue, trainees’ inability to be active participants in their own learning process leads to disengagement from, and even disillusionment in, the trainer.
Outline your lecture in such a way where you know at which points to stop and ask questions from the participants. See The Powerpoint-Freak section above for some tips on how to build these stops into the lecture portion of your session(s).
Keeping yourself from the monologuer behavior is more than what you do during a training. At the start of your training, you need to negotiate with the participants about acceptable behavior during the event. Let them know that it is not acceptable for you to be speaking the entire time, and ask them to interrupt you when they feel that they no longer have the bandwidth or attention span to listen to more.
Try to ‘read’ the energy level of participants. This is not an exact science, but rather an art based on experience. The more you train, the better you get at feeling the room. If you sense the energy in the room is low, and the participants are not paying attention, address it and do something about it by either taking a quick break or doing an energizer activity.
This may not be an indicator of the participants agreeing with everything you are saying. This may be an indicator that they have stopped paying attention, and are only nodding because they don’t want you to know that they’ve stopped paying attention. To check, you can ask the ones who are nodding their heads a question that will show you if they are paying attention. If they are stumped, chances are they have not been paying attention.
Feet tapping, pen tapping, hair fixing, nail checking. This behavior lets you know that people are not really paying attention.
If you recognize any of these indicators, you should stop and ask questions. If you are not recognizing these indicators, it’s always a good idea any way to ask the participants “how are we feeling? do we need a break?”.