You’ll learn how to recognise online security threats that could threaten you and what measures you can take to reduce your risk in this course led by Cory Doctorow. The course will enhance your online safety by incorporating topics such as ransomware, trojan viruses, network security, cryptography, identity theft, and risk management in the context of the larger world. The course is GCHQ Certified Training and IISP approved, and it is funded by the UK Government’s National Cyber Security Programme.
Threat landscape
Online, the new frontline
Meet your course guide, Cory Doctorow, and start to explore the security threat landscape. Learn basic techniques for protecting your computers and your online information. Learn about different kinds of threat, the vulnerabilities that they exploit and some countermeasures that can be put in place to guard against them. Most of us rely on the internet for everyday tasks such as shopping, working, banking and social networking but don’t stop to think about the security issues that might be involved.
Authentication
Many security threats depend on the attackers being able to impersonate us online. Passwords are the main way we authenticate ourselves to the services we use, therefore you’ll learn ways of improving the security of passwords. Just about every website you sign up to requires a password. What strategies do you use when choosing passwords? Two-factor authentication can also help with your security. How does it work and how do you implement it on your accounts?
Malware
Find out about different types of malware, how they developed and what damage they can do. Discover some of the terms used to describe malware. Learn about malware, phishing and click fraud. Confess to your bad habits and make a plan to change. How do can you protect yourself from malware? Learn about antivirus software, sandboxes and some tips on how to spot phishing emails.
Networking and communications
The internet is not a single entity, it is a hierarchy of individual networks connected to one another. Learn how information is moved through it. How secure is the internet? What can you do to keep your information secure? For the internet to function, common standards apply to every network. Find out what these are and how they operate.
Cryptography
Cryptography is a specialised area of mathematics concerned with securing information so that it can be transmitted safely even when there is a risk it might be intercepted. Examine how cryptographic techniques can be used in practice, install encryption software and send an encrypted email. There are hundreds of different cryptographic schemes, learn about some of the ways they are used.
Network security
How can you protect your communication networks from attack? Learn how a firewall can help. How does Virtual Private Networking work? What is it used for? When would you use one? How secure are they? You’ve probably seen a movie or TV programme featuring an attack on a computer network. The administrators rush to their keyboards and frantically begin typing – it’s all very exciting – but does this happen in real life?
When your defences fail
What do you do when things go wrong? Learn about the laws that protect you and your data, such as the Data Protection Act and the Computing Act, in the UK. Look at some of the laws in the UK, such as the Data Protection Act 2018 and the Computer Misuse Act 1990, that help to protect us against information security threats. Learn how to recover from an attack on your information security and what you can do to prevent a similar attack being successful in the future.
Managing security risks
Identify and analyse the risks to your own information assets. What information is most valuable? To whom? Learn what measures you can take to manage the risks to your information assets and to ensure that you stay safe online. Take stock of what you’ve learned and how it will affect your security measures and web practices. Take the end of course assessment and find out about the next steps.
What will you achieve?
Explain basic cyber security terminology; have skills for keeping up to date on cyber security issues; and be able to identify information assets. Describe basic authentication mechanisms; have skills to improve their password security; and be aware of alternative authentication methods. Identify main malware types; awareness of different malware propagation methods; and skills for preventing malware infections. Describe cryptography terminology; be able to use cryptography for email; be aware of applications of cryptography. Demonstrate understanding of firewalls, virtual private networks and network intrusion detection and prevention technologies. Describe legal and regulatory issues relating to cyber security; and understand how to recover from security failures. Apply basic risk analysis and management techniques.