Security resources organized by topic: Difference between revisions

From TCU Wiki
Kristin1 (talk | contribs)
Line 130: Line 130:
Once we have clarity about the threats we face during our activities, we can begin to organize our security protocols into security plans or agreements. There are three main areas to consider when developing any security plans:  
Once we have clarity about the threats we face during our activities, we can begin to organize our security protocols into security plans or agreements. There are three main areas to consider when developing any security plans:  


# Prepare -- What can you do now to prepare for when this threat happens?
# '''PREPARE: Prevention of threats''' - Most security plans will include tactics which aim to prevent identified threats from taking place (i.e. reducing their likelihood). This will include:
# Respond -- How will you and your team respond when the threat occurs?
## Identify & assess the threats and your vulnerabilities
# Treat -- How will you take care of your team after the threat has happened?
## Develop security policies and procedures
Prepare:
## Implement preventive measures
* Identify & assess the threats and your vulnerabilities: This involves systematically analyzing your    assets (physically, digitally) to understand potential threats and knowing    your vulnerabilities that could be exploited.
## Invest in Security Awareness Programs
* Develop security policies and procedures: Create clear policies outlining acceptable behavior regarding    physical and digital security, and incident reporting.
## Conduct Security testing
* Implement preventive measures: based on identified threats, implement safeguards procedures and    tools, with considering staff training programs to minimize the potential    threats impact.
# '''RESPOND: Emergency responses''' - Emergency plans, also called contingency plans, are the actions which we take in response to a threat becoming a reality. This will include:
* Invest in Security Awareness Programs: regularly educate your staff/colleagues on the founded security     plans and measures, this empowers them to identify, respond and report    effectively.
## Build Incident Response Plan
* Conduct Security testing: regularly assess the effectiveness of security measures through    penetration testing (simulated attacks) and security drills. This helps    identify weaknesses and refine procedures.
## Communication Strategy
## Business continuity plan
## Disaster recovery plan (Data Backups and Recovery)
## Communication and Collaboration
# '''TREAT: Well-being considerations''' - Actions we take to maintain our physical energy and a mindful approach to our work and our security –it may include such considerations as where and when we will eat, sleep, relax and enjoy ourselves in the course of our work. This will include:
## Analyze lessons learned
## Recovery and Remediation
## Psychological safety considerations,
## Review and update your security plans and approach
For more information, read [[Index.php?title=general guidance for creating security plans and agreements|'''General guidance for creating security plans and agreements''']] and review [https://holistic-security.tacticaltech.org/chapters/strategise/3-3-creating-security-plans-and-agreements.html this chapter of the Holistic Security Manual].  


'''Respond:'''
Additional resources:   
 
* '''Build Incident Response Plan:''' develop a clear plan outlining actions to be taken in case of a    security threat. This includes identifying the designated responders,    notification procedures (internal teams, authorities), and containment    strategies to mitigate impact.
* '''Communication Strategy:''' Establish a communication plan for internal and external    stakeholders during a security incident. This ensures timely and accurate    information is disseminated, minimizing confusion and panic.
* '''Business continuity plan:''' A strategy to ensure critical operations continue with minimal    disruption during an incident.
* '''Disaster recovery plan (Data    Backups and Recovery):''' establish a specific plan for    recovering IT systems and data, maintain robust data backup and recovery    procedures to ensure business continuity in case of after a disaster like    a fire, flood, or cyberattack.
* '''Communication and Collaboration:''' effective communication and    collaboration across teams are crucial for successful incident response    and recovery.
* '''Train your people:''' Regularly train staff on security policies, incident reporting    procedures, and their roles during a contingency.
 
'''Treat:'''
 
* '''Analyze lessons learned:''' conduct a thorough assessment to    understand the cause and scope of the security incidents. This helps    identify your vulnerabilities, prevent future occurrences, and establish    better prevention plans.
* '''Recovery and Remediation''': Implement measures to restore    affected systems and data. This might involve patching vulnerabilities in    software, restoring lost data from backups, and implementing additional    security measures to prevent similar incidents.
* '''psychological safety considerations,''' give priority to those affected by incident, and ensure that    appropriate care is provided to them if physically or psychologically    injured, and treat with causes of the incident accordingly later.
* '''Review and update your security plans and approach:''' Following an incident, review your security posture and update    policies, procedures, and preventative measures based on the lessons    learned.
 
Review [https://holistic-security.tacticaltech.org/chapters/strategise/3-3-creating-security-plans-and-agreements.html this chapter of the Holistic Security Manual].
 
[[General guidance for creating security plans and agreements]]
 
Resources:   


* Consumer Reports [https://securityplanner.consumerreports.org/ '''Security Planner'''] is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down devices ranging from smartphones to home security cameras, and reducing intrusive tracking by websites.
* Consumer Reports [https://securityplanner.consumerreports.org/ '''Security Planner'''] is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down devices ranging from smartphones to home security cameras, and reducing intrusive tracking by websites.
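
Review bot: In the added "For more information" line, the internal link target is "Index.php?title=general guidance for creating security plans and agreements", a URL query string placed inside [[...]] rather than a page title. The removed line linked the same page as [[General guidance for creating security plans and agreements]], so use that title as the target and keep the bold label after the pipe. Two smaller points in the same hunk: the added sub-item "Psychological safety considerations," ends with a stray comma, and the new nested lists drop the one-line explanations the removed bullets gave for each item, along with the "Train your people" item. If that detail is meant to live on the linked guidance page, confirm it is there before removing it here.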

Revision as of 18:50, 18 June 2024

Building awareness of how we respond to threat and stress

Developing a useful security strategy is heavily dependent on our perception – we need to be able to identify and analyse threats in order to implement ways of avoiding or reducing them. But we all perceive the world around us differently based on our circumstances, experiences and many other factors. As a result, our perception can sometimes be hindered: threats which may be evident to some people may go unrecognised by others; similarly, we also need to be able to tell the difference between threats which are genuinely possible and those which we falsely perceive, called 'unfounded fears'. It's a good idea to become familiar with factors that condition our perceptions of threat, and consider ways that we can take these into account in our security planning. (Source: Holistic Security Manual)

Resources:

Understanding our threats and context

Situation monitoring and analysis

Situation monitoring and analysis is the broadest kind of analysis of our context: observing the political, economic, social, technological, legal and environmental developments in society which are relevant to our work, and may impact our security situation. (Source: Holistic Security Manual)

Exercise: Pestle analysis (Holistic Security Manual)

Tool: Research Database on transnational repression - This collection of research reports on transnational repression can help human rights defenders better understand:

  • Transnational Repression (TNR) threats that are possible, to determine appropriate mitigation techniques
  • Which TNR threats are unlikely, in order to alleviate fear
  • What exiled HRDs can expect from a host country in terms of protection measures
  • Existing campaigns to strengthen protection for exiled HRDs

Identifying, analyzing and prioritizing threats

Map the actors

It is valuable to get a clear picture of all the actors in our environment (individuals, institutions, organizations, etc). Threats almost always come from someone or something. Knowing as much as we can about the actors in our context improves our perception of our environment and thereby, our ability to carry out activities to maintain or expand our space for work. (Source: Holistic Security Manual)

Exercise:

Brainstorm threats

This exercise is a first attempt at identifying the threats to yourself, your group or organization and your work in defense of human rights. This initial list of threats can then be refined so as to focus in more depth on the threats which are most likely or potentially most harmful. (Source: Holistic Security Manual)

Exercise: Threat brainstorm (Holistic Security Manual)

Analyzing risk, prioritizing threats

Threats can be viewed and categorized in light of the following: the likelihood that the threat will take place, and the impact if and when it does. Likelihood and impact are concepts which help us determine risk: the higher the likelihood or impact of a threat, the higher the risk. Categorizing threats can help to keep us from feeling overwhelmed and keep our perception of threats realistic. (Source: Holistic Security Manual)

Exercise: Threat matrix (Holistic Security Manual)

Tools:

  • The Ford Foundation’s Cybersecurity Assessment Tool (CAT) is designed to measure the maturity, resiliency, and strength of an organization’s cybersecurity efforts. We have created this questionnaire with busy nontechnical grant makers, grantee partners, civil society organizations, and nonprofits in mind, and we hope it helps shine some light on a recommended path forward for any organization undertaking a cybersecurity journey.

Analyze threats

This exercise will help you prioritize threats and identify their causes, ramifications and sources, as well as the required resources, existing actions and possible next steps.

Exercise: Threat inventory (Holistic Security Manual)

Risk mitigation

In order to build a response to the threats we face, we can consider them in terms of the factors which make us more or less susceptible to them. Read more in this chapter of the Holistic Security Manual.

Mitigation techniques for common threats to information

Threat | Mitigation techniques and links to guidance
Data loss |
Compromised accounts |
Device inspection at checkpoints |
Device confiscation or theft |
Information handover |
Targeted malware or spyware |
Surveillance and monitoring |
Website hacking and takeover |

Other important considerations when collecting, storing, using sensitive information:

Consideration | Resources
Make sure you have informed consent from the people you are collecting information from | Guidance on informed consent

Mitigation techniques for online harassment

How to deal with online harassment and threats

Security planning

Once we have clarity about the threats we face during our activities, we can begin to organize our security protocols into security plans or agreements. There are three main areas to consider when developing any security plans:

  1. PREPARE: Prevention of threats - Most security plans will include tactics which aim to prevent identified threats from taking place (i.e. reducing their likelihood). This will include:
    1. Identify & assess the threats and your vulnerabilities
    2. Develop security policies and procedures
    3. Implement preventive measures
    4. Invest in Security Awareness Programs
    5. Conduct Security testing
  2. RESPOND: Emergency responses - Emergency plans, also called contingency plans, are the actions which we take in response to a threat becoming a reality. This will include:
    1. Build Incident Response Plan
    2. Communication Strategy
    3. Business continuity plan
    4. Disaster recovery plan (Data Backups and Recovery)
    5. Communication and Collaboration
  3. TREAT: Well-being considerations - Actions we take to maintain our physical energy and a mindful approach to our work and our security. It may include such considerations as where and when we will eat, sleep, relax and enjoy ourselves in the course of our work. This will include:
    1. Analyze lessons learned
    2. Recovery and Remediation
    3. Psychological safety considerations
    4. Review and update your security plans and approach

For more information, read General guidance for creating security plans and agreements and review this chapter of the Holistic Security Manual.


Additional resources:

  • Consumer Reports Security Planner is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down devices ranging from smartphones to home security cameras, and reducing intrusive tracking by websites.
  • NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide - provides small-to-medium sized businesses (SMB), specifically those who have modest or no cybersecurity plans in place, with considerations to kick-start their cybersecurity risk management strategy using the NIST Cybersecurity Framework (CSF) 2.0. (by the National Institute of Standards and Technology)

Security planning on specific topics

Building a culture of security within a team

LevelUp is a collection of resources for the global digital safety training community.

Organisational security community wiki is a resource created by and for security practitioners from all backgrounds to share useful resources and document innovative approaches to long-term security work.

Resource collections

Digital First Aid Kit - The Digital First Aid Kit is a free resource to help rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed.

Access Now Help Desk documentation

CyberSTAR, by SecDev, makes it easier for small organizations and individuals to understand and manage digital safety by organizing it around six themes. This site presents learning resources to help you be safer online—plus teaching resources for digital safety trainers.


More info:

Secure storage for sensitive information

Secure access to sensitive information

Secure your devices