Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

EEAS - Cultivate your data protection


Published on

As the last speaker on the day after the Data Protection Day, I tried a different approach to the story of data protection and information security. I assembles a selection of movies, series, books (fiction and non-fiction) and games that any staff member should be able to go through themselves - as they please and at their own rhythm - and piece by piece learn about data protection and information security. In a way they can cultivate their own data protection awareness.

Published in: Education
  • Be the first to comment

  • Be the first to like this

EEAS - Cultivate your data protection

  1. 1. Cultivate your data protection 29 January 2018 Tommy Vandepitte
  2. 2. Theory
  3. 3. Reaction
  4. 4. Bruce Schneier: the basics
  5. 5. Storytelling
  6. 6. Mr Robot
  7. 7. Wargames
  8. 8. Puppet on a string?
  9. 9. Types of attackers
  10. 10. Loot
  11. 11. The delete button
  12. 12. Echelon
  13. 13. The walls are listening The good wife
  14. 14. Mark Russinovich
  15. 15. Hustle
  16. 16. Marc Goodman
  17. 17. CSI Cyber
  18. 18. Time is of the essence
  19. 19. The Circle
  20. 20. Black mirror
  21. 21. Data protection wisdom • There is a difference between feeling secure and being secure • Stay curious • Think long term
  22. 22. Data protection in layers • PHYSICAL LAYER • accompany visitors • wipe boards • keep a clear desk • DEVICE LAYER • keep your device in sight or locked under lock and key • don’t put your device (laptop, smartphone, …) visible • put something over the camera / microphone of your device if you don’t need it • know whether or not your device is encrypted • keep the amount of data on your device as limited as possible
  23. 23. Data protection in layers • NETWORK LAYER • do not connect to public wifi or wifi without a password • close wifi and bluetooth when you are not using them • when web browsing, pay attention to the https connection • when web browsing, pay attention to websites that look similar but are different (typo,…) • pay attention when something on a website changes • APPLICATION LAYER • be selective with the applications you install on your device • switch automatic updates of the applications on
  24. 24. Data protection in layers • PASSWORDS / AUTHENTICATION • use two-factor authentication (something you know and something you have) when possible • always change the default password • use a password manager • don’t use a password, use a passphrase; longer is always better • change passwords regularly • beware of websites that are able to provide you with your password, they should not be • BACKUP • have backups of the data you cannot or should not loose • periodically test a restore of you backup
  25. 25. Data protection in layers • PUBLIC SPACES • be aware of what you say in public spaces (on the train, in a pub,…) • avoid shouldersurfing • SOCIAL MEDIA • be aware of your digital footprint • actively manage your settings • don’t use anything that is publicly available to create your password or security questions • consider using an (obfuscating) account or email address specifically for newsletters or fora that don’ • SOCIAL ENGINEERING • try to be aware if someone lures you to an unusual (web)location • help people without compromising the security protocols • if something sounds to good to be true, it most likely is
  26. 26. Data protection in layers • Incidents / accidents will happen • Accept it / admit them • Report it so the consequences can be mitigated