This document discusses data protection in layers, including physical security of devices, using encryption and passwords, being wary of public WiFi networks, installing trusted applications only, enabling automatic updates, using two-factor authentication when possible, regularly changing passwords, having backups, and being aware of social engineering risks in public spaces. The key messages are to stay curious about data protection, think long-term about security, and accept that incidents may occur while reporting them to mitigate consequences.
21. Data protection wisdom
• There is a difference between feeling secure and being secure
• Stay curious
• Think long term
22. Data protection in layers
• PHYSICAL LAYER
• accompany visitors
• wipe boards
• keep a clear desk
• DEVICE LAYER
• keep your device in sight or under lock and key
• don’t leave your device (laptop, smartphone, …) in plain view
• put something over the camera / microphone of your device if you don’t need it
• know whether or not your device is encrypted
• keep the amount of data on your device as limited as possible
23. Data protection in layers
• NETWORK LAYER
• do not connect to public wifi or wifi without a password
• turn off wifi and bluetooth when you are not using them
• when web browsing, pay attention to the https connection
• when web browsing, pay attention to websites that look similar but are different (typo, …)
• pay attention when something on a website changes
• APPLICATION LAYER
• be selective with the applications you install on your device
• switch on automatic updates for your applications
24. Data protection in layers
• PASSWORDS / AUTHENTICATION
• use two-factor authentication (something you know and something you have) when possible
• always change the default password
• use a password manager
• don’t use a password, use a passphrase; longer is always better
• change passwords regularly
• beware of websites that are able to provide you with your password; they should not be able to
• BACKUP
• have backups of the data you cannot or should not lose
• periodically test a restore of your backup
25. Data protection in layers
• PUBLIC SPACES
• be aware of what you say in public spaces (on the train, in a pub,…)
• avoid shoulder surfing
• SOCIAL MEDIA
• be aware of your digital footprint
• actively manage your settings
• don’t use anything that is publicly available to create your password or security questions
• consider using an (obfuscating) account or email address specifically for newsletters or fora that don’
• SOCIAL ENGINEERING
• try to be aware if someone lures you to an unusual (web)location
• help people without compromising the security protocols
• if something sounds too good to be true, it most likely is
26. Data protection in layers
• Incidents / accidents will happen
• Accept it / admit them
• Report it so the consequences can be mitigated
Editor's notes
https://www.schneier.com/books/
Secrets and lies: Welcome to the businessworld.com. It's digital: Information is more readily accessible than ever. It's inescapably connected: businesses are increasingly--if not totally--dependent on digital communications. But our passion for technology has a price: increased exposure to security threats. Companies around the world need to understand the risks associated with doing business electronically. The answer starts here.
Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world.
There are no quick fixes for digital security. And with the number of security vulnerabilities, breaches, and digital disasters increasing over time, it's vital that you learn how to manage the vulnerabilities and protect your data in this networked world. You need to understand who the attackers are, what they want, and how to deal with the threats they represent. In Secrets and Lies, you'll learn about security technologies and product capabilities, as well as their limitations. And you'll find out how to respond given the landscape of your system and the limitations of your business.
Data and goliath: You are under surveillance right now.
Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.
The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.
Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day. You’ll never look at your phone, your computer, your credit cards, or even your car in the same way again.
http://www.imdb.com/title/tt0119174/?ref_=fn_al_tt_1
Nicholas Van Orton is a very wealthy San Francisco banker, but he is an absolute loner, even spending his birthday alone. In the year of his 48th birthday (the age his father committed suicide) his brother Conrad, who has gone long ago and surrendered to addictions of all kinds, suddenly returns and gives Nicholas a card giving him entry to unusual entertainment provided by something called Consumer Recreation Services (CRS). Giving in to curiosity, Nicholas visits CRS and all kinds of weird and bad things start to happen to him.
https://www.youtube.com/watch?v=dfPcH9hyRgs
Zero day: An airliner’s controls abruptly fail mid-flight over the Atlantic. An oil tanker runs aground in Japan when its navigational system suddenly stops dead. Hospitals everywhere have to abandon their computer databases when patients die after being administered incorrect dosages of their medicine. In the Midwest, a nuclear power plant nearly becomes the next Chernobyl when its cooling systems malfunction. At first, these random computer failures seem like unrelated events. But Jeff Aiken, a former government analyst who quit in disgust after witnessing the gross errors that led up to 9/11, thinks otherwise. Jeff fears a more serious attack targeting the United States computer infrastructure is already under way. And as other menacing computer malfunctions pop up around the world, some with deadly results, he realizes that there isn’t much time if he hopes to prevent an international catastrophe. Written by a global authority on cyber security, Zero Day presents a chilling “what if” scenario that, in a world completely reliant on technology, is more than possible today---it’s a cataclysmic disaster just waiting to happen.
Trojan Horse : It's two years after the Zero Day attacks, and cyber-security analyst Jeff Aiken is reaping the rewards for crippling Al-Qaida's assault on the computer infrastructure of the Western world. His company is flourishing, and his relationship with former government agent Daryl Haugen has intensified since she became a part of his team.
But the West is under its greatest threat yet. A revolutionary, invisible trojan that alters data without leaving a trace---more sophisticated than any virus seen before---has been identified, roiling international politics. Jeff and Daryl are summoned to root it out and discover its source. As the trojan penetrates Western intelligence, and the terrifying truth about its creator is revealed, Jeff and Daryl find themselves in a desperate race to reverse it as the fate of both East and West hangs in the balance.
A thrilling suspense story and a sober warning from one of the world's leading experts on cyber-security, Trojan Horse exposes the already widespread use of international cyber-espionage as a powerful and dangerous weapon, and the lengths to which one man will go to stop it.
Rogue Code: Cyber security expert Jeff Aiken knows that no computer system is completely secure. When he’s called to investigate a possible breach at the New York Stock Exchange, he discovers that not only has their system been infiltrated but that someone on the inside knows. Yet for some reason, they have allowed the hackers to steal millions of dollars from accounts without trying to stop the theft.
When Jeff uncovers the crime, the NYSE suddenly turns on him. Accused of grand larceny, Jeff must find and expose the criminals behind the theft not just to prove his innocence but to stop a multibillion-dollar heist that could upend the U.S. economy. Unwilling to heed Jeff’s warnings, the NYSE plans to continue with a major IPO using a new, untested system, one that might be susceptible not only to hackers but to ruthless high-frequency traders willing to take any risk to turn a profit.
Now Jeff Aiken must uncover the truth on his own, following the thread to the back alleys of Rio de Janeiro to take on one of the world’s most ruthless cartels.
Rogue Code delivers an intense thriller about a cyber threat that seems all-too-possible—and the Wall Street traders who might allow it to happen.
http://futurecrimesbook.com/
Technological advances have benefited our world in immeasurable ways, but there is an ominous flip side: our technology can be turned against us. Hackers can activate baby monitors to spy on families, thieves are analyzing social media posts to plot home invasions, and stalkers are exploiting the GPS on smart phones to track their victims’ every move. We all know today’s criminals can steal identities, drain online bank accounts, and wipe out computer servers, but that’s just the beginning. To date, no computer has been created that could not be hacked—a sobering fact given our radical dependence on these machines for everything from our nation’s power grid to air traffic control to financial services. Yet, as ubiquitous as technology seems today, just over the horizon is a tidal wave of scientific progress that will leave our heads spinning. If today’s Internet is the size of a golf ball, tomorrow’s will be the size of the sun. Welcome to the Internet of Things, a living, breathing, global information grid where every physical object will be online. But with greater connections come greater risks. Implantable medical devices such as pacemakers can be hacked to deliver a lethal jolt of electricity and a car’s brakes can be disabled at high speed from miles away. Meanwhile, 3-D printers can produce AK-47s, bioterrorists can download the recipe for Spanish flu, and cartels are using fleets of drones to ferry drugs across borders. With explosive insights based upon a career in law enforcement and counterterrorism, Marc Goodman takes readers on a vivid journey through the darkest recesses of the Internet. Reading like science fiction, but based in science fact, Future Crimes explores how bad actors are primed to hijack the technologies of tomorrow, including robotics, synthetic biology, nanotechnology, virtual reality, and artificial intelligence. These fields hold the power to create a world of unprecedented abundance and prosperity.
But the technological bedrock upon which we are building our common future is deeply unstable and, like a house of cards, can come crashing down at any moment. Future Crimes provides a mind-blowing glimpse into the dark side of technological innovation and the unintended consequences of our connected world. Goodman offers a way out with clear steps we must take to survive the progress unfolding before us. Provocative, thrilling, and ultimately empowering, Future Crimes will serve as an urgent call to action that shows how we can take back control over our own devices and harness technology’s tremendous power for the betterment of humanity—before it’s too late.
http://www.imdb.com/title/tt3560060/
S02E16
The team trails a vigilante killing the biggest offenders of objectionable posts on social media.