All cybersecurity month 2021 content at a glance

October is cybersecurity awareness month. On this page you will find an overview of the articles, blogs and other content we have shared in that context.

Foto van een vrouw die een mobiele telefoon vasthoudt en achter haar laptop zit.

Theme Be aware of cybercrime

Explanation of theme: Be aware of cybercrime

The first week of cybersecurity awareness month is all about being aware of cybercrime and being alert to it. We have highlighted 3 types of cybercrime and given tips on how to prevent them.

Results Security and Privacy Awareness Survey in Education and Research.

At the start of CyberSsecurity Awareness Month, SURF and BDO shared the results of the security and privacy awareness survey for education and research. This measurement, conducted among 26 institutions as part of the Cybersave Yourself service, shows among other things that the awareness levels at institutions are comparable.

GÉANT-webinar on ransomware: 'Work like a captain, play like a pirate'

During cybersecurity month, you can also follow a number of webinars. In the webinar on 7 October, Charl van der Walt, head of Security Research at Orange, will present his research on the impact of ransomware.

Go to recording of this webinar

E-modules Digital security and privacy certificate of the Cybersave Yourself service

Many ransomware attacks start with a phishing email. Therefore, make sure that your employees and students do not just click on a link. How? By having them follow the online modules of SURF's security and privacy certificate.

Article: important lessons after the ransomware attack on the Irish health service

In May 2021, an unprecedented ransomware attack hit the entire healthcare system in Ireland. HEAnet, Ireland's SURF, followed this attack and drew some important lessons from it.

Article: Phishing experiment at Vilnius Tech University
Blog series: How to set up a good cybersecurity awareness programme?

How do you set up a good cybersecurity awareness programme at your institution? SURF colleague Albert Hankel takes you through how to do this in 9 blogs (in Dutch).

Theme Protect your (home) network

Explanation theme: protect your (home) network

The second week of cyber security awareness month is all about protecting your home network. We explain what you can do to protect your home network.

Article: Why public wifi is not safe
Video: Demo Security Information & Event Management (SIEM) service from SURFsoc

The largest component of SURFsoc is the Security Information and Event Management (SIEM) service: the 24/7 monitoring of the institutions' IT infrastructure. Want to know how the SIEM platform works? Watch the demo (in Dutch).

Use cases HZ and UU: Multi-factor authentication for services behind SURFconext

Since this year, institutions can use their own multi-factor authentication (MFA) solution to secure cloud services that are accessed via SURFconext. Read the experiences of Hogeschool Zeeland and Utrecht University.

Theme Protect your devices

Explanation theme: protect your devices

Our laptop, phone and tablet have become indispensable. We use them to work, study, email, pay, play games, surf socials and much more. But they are also the favourite target of cybercriminals. That's why it's important to protect them as much as possible! Read how you can do that.


    Article: 7 questions about password managers

    In this article, Stefano Zanero, associate professor at the Politecnico di Milano University, answers 7 questions about password managers.

    Video and blog: Development and use of a testbed for the DDoS clearinghouse

    SURF is helping to develop and use a testbed for the DDoS Clearing House. In this video Thijs van den Hout (SIDN Labs) and Remco Poortinga (SURF) demonstrate the DDoS Clearing House.

    Article: First mbo institutions connect to SURFsoc

    In addition to the ROC van Twente and Summa College connecting to SURFsoc, conversations are taking place with various other MBO institutions. It shows the importance that the MBO attaches to cyber security. Several educational and research institutions have already joined up, including universities of applied sciences, universities and a University Medical Centre.

    GÉANT-webinar on Data sharing hygiene and its implications in security

    Every digital interaction leaves a digital trail. Most of the time, those breadcrumbs contain our personal data - even without our conscious consent. Proper handling of the data we share in the digital world ("digital hygiene") is essential to keep an overview of what information we have shared with consent, with whom and for what specific purpose(s).

    This makes it easier to:

    •     Update our shared or exposed data, assessing the risks associated with sharing our information,
    •     identify security problems related to the breach of our personal information and
    •     learn how to communicate these to minimise the damage.

    This webinar will provide techniques to give users (more) tools to protect and understand their digital identity.

    Go to recording of this webinar

    Theme: Protect your identity

    Explanation of the theme: protect your identity

    In this digital age, we share a lot of information about ourselves online, often without thinking about it. But cybercriminals can abuse your personal data. It is therefore important to protect your digital identity and think carefully about what you share online and with whom. In this article you can read more about what criminals do with your data and we give tips to prevent identity theft.

    Video: GÉANT-webinar on privacy: Think Before you Click: privacy in a highly technologised society

    In today's society, it is almost impossible to use products, websites, apps, home appliances, etc. without giving up some of your privacy. Similarly, as employees in research and education, it is almost impossible to carry out your work without taking into account the GDPR, data protection impact assessments, data processing agreements, consent forms, and so on. In fact, it is becoming increasingly difficult, if not impossible, to be a 'good citizen/employee' without also becoming a privacy expert. But what is privacy exactly? And why is there so much emphasis on it these days?

    In this webinar, Arnout Terpstra (SURF & Tilburg University) provided an overview of the current state of affairs surrounding privacy. He also shared his ideas that are central to his doctoral research, according to which part of the solution to the erosion of privacy lies in how devices and interfaces are designed.

    Go to recording of this webinar

    Privacy Speech 2021: Kees Verhoeven on 'How do we protect our rule of law in the digital age?

    How do you stand up to tech giants like Google and Facebook? And how do we stop the government's data hunger? In this Privacy Speech on 7 December - a joint event by SETUP, TivoliVredenburg and SURF - Kees Verhoeven addresses the question of how we can protect our rule of law in the digital age.

    SURFcert hacking event Capture the Flag 2021

    Do you want to test your hacking skills and problem-solving abilities? Then join SURFcert's hybrid Capture the Flag (CTF) event on 30 November! Create a team of up to 4 players and capture that flag and the coveted honour. During the mini-challenge on 1 November you will also have the chance to participate in CTF at the SURF office.

    Video: GEANT-webinar onsecurity: How to mess up yours… and your organisation's life

    While we are all used to looking left-left (or right-left-right) when crossing the road, while most of us have (hopefully) learned to swim, and while we are all prepared for our safety in the physical world, all safety precautions are thrown overboard when entering the digital realm. People click on any link as long as it is shiny blue and underlined; open attachments even when they are clearly not intended for them; import software libraries and applications without regard to the source and also put "security" behind "cheap" and "convenient". This webinar will discuss many real-life examples where computer security has been compromised through lack of priority, negligence, ignorance or just plain stupidity.

    Speaker: Stefan Lüders, Computer Security Officer - CERN

    Go to recording of this webinar

    Article: Rotterdam University of Applied Sciences catches DataPhish

    In May and June 2021, Rotterdam University of Applied Sciences ran a successful awareness campaign about the dangers of phishing, which culminated in a fake message to all employees. Read how the university set up this campaign (in Dutch).