Theme Be aware of cybercrime
The first week of cybersecurity awareness month is all about being aware of cybercrime and being alert to it. We have highlighted 3 types of cybercrime and given tips on how to prevent them.
At the start of CyberSsecurity Awareness Month, SURF and BDO shared the results of the security and privacy awareness survey for education and research. This measurement, conducted among 26 institutions as part of the Cybersave Yourself service, shows among other things that the awareness levels at institutions are comparable.
During cybersecurity month, you can also follow a number of webinars. In the webinar on 7 October, Charl van der Walt, head of Security Research at Orange, will present his research on the impact of ransomware.
Many ransomware attacks start with a phishing email. Therefore, make sure that your employees and students do not just click on a link. How? By having them follow the online modules of SURF's security and privacy certificate.
In May 2021, an unprecedented ransomware attack hit the entire healthcare system in Ireland. HEAnet, Ireland's SURF, followed this attack and drew some important lessons from it.
For cybersecurity month, Justinas Rastenis tells how employees at Vilnius Tech University reacted to two phishing simulations: before and after awareness training (in Dutch).
How do you set up a good cybersecurity awareness programme at your institution? SURF colleague Albert Hankel takes you through how to do this in 9 blogs (in Dutch).
Theme Protect your (home) network
The second week of cyber security awareness month is all about protecting your home network. We explain what you can do to protect your home network.
SURF colleague Joeri de Ruiter explains in his article why public wifi is not safe, and how you can use it somewhat safely if you really have to. But better is: don't use it.
The largest component of SURFsoc is the Security Information and Event Management (SIEM) service: the 24/7 monitoring of the institutions' IT infrastructure. Want to know how the SIEM platform works? Watch the demo (in Dutch).
Since this year, institutions can use their own multi-factor authentication (MFA) solution to secure cloud services that are accessed via SURFconext. Read the experiences of Hogeschool Zeeland and Utrecht University.
Theme Protect your devices
Our laptop, phone and tablet have become indispensable. We use them to work, study, email, pay, play games, surf socials and much more. But they are also the favourite target of cybercriminals. That's why it's important to protect them as much as possible! Read how you can do that.
In this article, Stefano Zanero, associate professor at the Politecnico di Milano University, answers 7 questions about password managers.
SURF is helping to develop and use a testbed for the DDoS Clearing House. In this video Thijs van den Hout (SIDN Labs) and Remco Poortinga (SURF) demonstrate the DDoS Clearing House.
In addition to the ROC van Twente and Summa College connecting to SURFsoc, conversations are taking place with various other MBO institutions. It shows the importance that the MBO attaches to cyber security. Several educational and research institutions have already joined up, including universities of applied sciences, universities and a University Medical Centre.
Every digital interaction leaves a digital trail. Most of the time, those breadcrumbs contain our personal data - even without our conscious consent. Proper handling of the data we share in the digital world ("digital hygiene") is essential to keep an overview of what information we have shared with consent, with whom and for what specific purpose(s).
This makes it easier to:
- Update our shared or exposed data, assessing the risks associated with sharing our information,
- identify security problems related to the breach of our personal information and
- learn how to communicate these to minimise the damage.
This webinar will provide techniques to give users (more) tools to protect and understand their digital identity.
Theme: Protect your identity
In this digital age, we share a lot of information about ourselves online, often without thinking about it. But cybercriminals can abuse your personal data. It is therefore important to protect your digital identity and think carefully about what you share online and with whom. In this article you can read more about what criminals do with your data and we give tips to prevent identity theft.
In today's society, it is almost impossible to use products, websites, apps, home appliances, etc. without giving up some of your privacy. Similarly, as employees in research and education, it is almost impossible to carry out your work without taking into account the GDPR, data protection impact assessments, data processing agreements, consent forms, and so on. In fact, it is becoming increasingly difficult, if not impossible, to be a 'good citizen/employee' without also becoming a privacy expert. But what is privacy exactly? And why is there so much emphasis on it these days?
In this webinar, Arnout Terpstra (SURF & Tilburg University) provided an overview of the current state of affairs surrounding privacy. He also shared his ideas that are central to his doctoral research, according to which part of the solution to the erosion of privacy lies in how devices and interfaces are designed.
How do you stand up to tech giants like Google and Facebook? And how do we stop the government's data hunger? In this Privacy Speech on 7 December - a joint event by SETUP, TivoliVredenburg and SURF - Kees Verhoeven addresses the question of how we can protect our rule of law in the digital age.
Do you want to test your hacking skills and problem-solving abilities? Then join SURFcert's hybrid Capture the Flag (CTF) event on 30 November! Create a team of up to 4 players and capture that flag and the coveted honour. During the mini-challenge on 1 November you will also have the chance to participate in CTF at the SURF office.
While we are all used to looking left-left (or right-left-right) when crossing the road, while most of us have (hopefully) learned to swim, and while we are all prepared for our safety in the physical world, all safety precautions are thrown overboard when entering the digital realm. People click on any link as long as it is shiny blue and underlined; open attachments even when they are clearly not intended for them; import software libraries and applications without regard to the source and also put "security" behind "cheap" and "convenient". This webinar will discuss many real-life examples where computer security has been compromised through lack of priority, negligence, ignorance or just plain stupidity.
Speaker: Stefan Lüders, Computer Security Officer - CERN
In May and June 2021, Rotterdam University of Applied Sciences ran a successful awareness campaign about the dangers of phishing, which culminated in a fake message to all employees. Read how the university set up this campaign (in Dutch).