Cybersecurity Basic Learning Path - Cybersecurity and me: love or hate?
e-learning, e-banking, e-health, e-government, smart cities, smart cars,… all our lives are going digital. But how secure are our data or the services we use on a daily basis? How can we know? Who is in charge? Can we do something at our individual level? This learning path will take you to the answers to those questions, by first assessing where you are currently in terms of awareness and practice, before providing you with insight and recommendation to learn, detect and react to specific kinds of attacks or incidents. Through some games, you will also experiment the use of cryptography and phishing detection. CyberSecurity is a very large domain, covering all aspects of an information system and including many standards, methodologies, approaches and tools. This learning path is a first introduction to the field.
SOS Self-Assessment Tool
First things first, let’s start by looking at how aware you are about cybersecurity, protection of your data and your online activity. Through a set of questions, this nice tool will take you through different areas of cybersecurity for individuals and will provide recommendations to improve your level of awareness.
Now that you know where you are on the ladder climbing to cybersecurity expert, let’s dig a bit more into what is cybersecurity, some of the main challenges of keeping our online activity secure, and how to best protect our assets. This course, coming with exercises, covers topics like identity and privacy, securing communication, protecting hardware and network.
Shoot the Phish - Phishing Master
Phishing is one of the main attack vectors on the web; by propagating fake emails, it can take you to reveal important and private information like passwords, credentials, credit card information or any other type of sensitive information. This online game takes you through various examples of phishing. Will you be able to shoot all malicious cases?
CYBERWISER.eu Primer
At the core of cybersecurity lies the concept of risk; properly identifying and evaluating risks allows one to know what needs to be protected, against whom, and to design appropriate security measures. This online course first present the core concepts of a risk-based approach, before applying those concepts to several kinds of vulnerabilities and attacks like ransomware, data leakage, weak passwords and inside threats.
Crack the Code
Time to play: cryptography is an important tool for cybersecurity. It is used in many areas to protect confidentiality of data (among others) by transforming clear data into gibberish data, allowing the reverse process to be applicable only by authorized person. The strength of the transformation relies on the encryption algorithm. Let’s see how good you are at breaking the code. Don’t be fooled by the term ‘kids’ in the resource and show your ability to decode encrypted messages.
Passwords Are Like Underwear
Passwords are the key to access many services on the web. But what makes a password strong? Why should you use multiple passwords? Why should you renew your password regularly? Why should you never share a password with anyone? It is commonly said that passwords are like underwear. Check this article to understand why and gain some hints to use better passwords. You will also find an explanation of what makes a password strong, and even get the opportunity to test the strength of your own password.
Cybersecurity Awareness and Innovation
This online course will take you further through some specific topics and principles of cybersecurity that are of direct interest to individual users and should be applied by anyone. It starts with the concepts of digital identity and authentication (how do I prove my identity); then it presents several common attacks targeting the end-user, who is often considered as the weak link in the security chain. The security of the end devices (computer, tablets and applications) is covered next, before looking at the security of cloud services and mobile devices. The course is made of videos and practical exercises.
The Cybersecurity Landscape
This is another online course that covers different aspects of cybersecurity than the previous one; first of all, it focuses on the organization level rather than on the individual level. Secondly, it extends the range of covered topics by including network perimeter security, Bring Your Own Device (BYOD) risks and policy, web and operating systems security.
European Cybersecurity Skills Framework (ECSF)
Organisations and countries have to design plan to ensure appropriate level of protection and readiness, including awareness and talent availability. But how to choose a profession in cybersecurity? The European Cybersecurity Skills Framework (ECSF) is a practical tool to support the identification and articulation of tasks, competences, skills and knowledge associated with the roles of European cybersecurity professionals. It is the EU reference point for defining and assessing relevant skills, as defined in the Cybersecurity Skills Academy, which was recently announced by the European Commission. The ECSF summarises the cybersecurity-related roles into 12 profiles, which are individually analysed into the details of their corresponding responsibilities, skills, synergies and interdependencies. It provides a common understanding of the relevant roles, competencies, skills and knowledge mostly required in cybersecurity, facilitates recognition of cybersecurity skills, and supports the design of cybersecurity-related training programmes.
ENISA National Cyber Security Interactive Map
Talking about strategy and planning at organisation level, this interactive tool allows you to learn about the national cybersecurity strategies developed in the countries of the Union. It acts as an information hub, collecting objectives, organizations and documents released by the different countries. It is a work in progress, filling in as more content is made available.
CrypTool Portal (CTP)
For those interested in cryptography, this website offers different version of CryptTool, an open-source project to play with cryptographic functions. There is online or standalone version of the tool, that allows the user to experiment with real encryption algorithms like AES or RSA, hash functions, simple ciphers like Caesar’s, run the Enigma machine as in WWII, or learn the basics of cryptanalysis, i.e. how to break cryptographic methods
ENISA Cybersecurity Maturity Assessment Tool for SMEs
So far, recommendations were mainly oriented towards securing individual users. But how do you evaluate and improve the cybersecurity readiness of an organization? This online tool takes you through a 15’ quiz that will allow you to pinpoint possible vulnerabilities in your information system, as well as learn best practices to strengthen your skills and security measures. The quiz is targeted at SMEs, but touches upon topics that are applicable to wider environments.