Repository of materials
"An Open, Safe and Secure Cyberspace" EU Cyber Security Strategy
- Code of EU online rights
- eIDAS infographic
- 2014 Brokerage model for Network and Information Security in Education http://www.enisa.europa.eu/activities/stakeholder-relations/nis-brokerage-1/brokerage-model-for-network-and-information-security-in-education
- 2013 Roadmap for European Cyber Security Month http://www.enisa.europa.eu/activities/stakeholder-relations/nis-brokerage-1/european-cyber-security-month-advocacy-campaign/2013
- 2012 reports: Be Aware, Be Secure. Synthesis of the results of the first European Cyber Security Month
The report provides a synthesis of the results of the European Cyber Security Month (ECSM) which took place as a pilot project across Europe throughout last October 2012. The report gives an overview of the security-related weeks organised at national level by the eight participating countries - the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain and the United Kingdom -; describes the role played by ENISA as coordinator of the organisation of the ECSM; and finally identifies a set of lessons learned which could be applied to future ECSMs.
Network Information Security (NIS) in Education
Collaborative Solutions For Network Information Security in Education
- 2011 report: European Month of Network and Information Security for All - A feasibility study
- 2010 reports: Promoting information security as a cultural and behavioural change; Training material for small and medium enterprises;
Information security tips for employees; Internet safety tips for parents and guardians; Online as soon as it happens; How to shop safely online;
- 2009 reports: The growing requirement for information security awareness; Guidelines for parents, guardians and educators on child online protection; Information security awareness in financial organisations - Guidelines and case studies; ENISA’s ten security awareness good practices; ATM crime - Overview of the European situation and golden rules on how to avoid it; https://www.enisa.europa.eu/activities/cert/security-month/deliverables/2009
- 2008 reports: Secure USB flash drives; Secure printing; The new users’ guide: how to raise information security awareness; Children on virtual worlds - What parents should know; Obtaining support and funding from senior management while planning an awareness initiative;
Information security awareness in financial organisations; Social engineering: Exploiting the weakest links; Security awareness management in local governments: Approaches in Scandinavia; Awareness raising quizzes templates: Targeting parents, end-users and SMEs;
- Crime Prevention Advice https://www.europol.europa.eu/content/page/crime-prevention-advices-129
- Videos https://www.europol.europa.eu/content/page/video-gallery;
- Geosocial Networking https://www.europol.europa.eu/sites/default/files/publications/geosocialnetworking.pdf
- EC3 activities for Safer Internet Day https://www.europol.europa.eu/ec3/safer-internet-day-2013
- 11 Common sense tips to avoid becoming a fraud victim http://cybersecuritymonth.eu/references/On-line_fraud_victims_11%20tips%20.pdf
- ID theft DO's and DON'Ts http://cybersecuritymonth.eu/references/ID_THEFT_DO2019s_-_DON2019Ts.pdf
- Payment card fraud prevention alert http://cybersecuritymonth.eu/references/Payment%20Card%20Fraud%20Prevention%20Alert.pdf
European Consumer Center
- Information on scams http://www.eccireland.ie/topic.php?topic=8
CEN WS ICT Skills
- eCompetence Framework for ICT Practitioners <ftp://ftp.cen.eu/CEN/AboutUs/Publications/e-CF_leaflet.pdf>
- eCompetence Framework for ICT Users <ftp://ftp.cen.eu/CEN/Sectors/List/ICT/ICT Brochure A4 LR.pdf>
- ICT-Skills CWAs <http://www.cen.eu/cen/Sectors/Sectors/ISSS/CWAdownload/Pages/ICT-Skills.aspx> developed by CEN WS ICT Skills
Here are some OWASP tools, games, videos and document resources that are helpful for developers interested in secure coding and application security in general.
- OWASP Cheat Sheets
The OWASP Cheat Sheets provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.
- OWASP Proactive Security Controls
OWASP Top Ten Proactive Controls is a list of security techniques that should be included in every software development project.
- OWASP Top Ten
The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.
- OWASP Software Assurance Maturity Model (OpenSAMM) The Software Assurance Maturity Model (SAMM) is an open framework to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization.
- OWASP Application Security Verification Standard The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls.
- Application Security Guide for CISOs
This CISO guide is written to help CISOs that are responsible for managing application security programs from the information security and risk management perspectives. https://www.owasp.org/index.php/Application_Security_Guide_For_CISOs
- OWASP Testing Project
The aim of the project is to help people understand the what, why, when, where, and how of testing web applications.
OWASP Cornucopia is a card game used to help derive application security requirements during the software development life cycle.
The OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.
- Videos & Podcast Series:
OWASP AppSec Tutorial Series
OWASP AppSec Tutorial Series is a collection of video lessons that are designed to teach various topics in application security.
- OWASP Podcast Series
OWASP 24/7" is series of recorded broadcasts, highlighting OWASP projects and people from around the world. With over 43,000 members in 100 countries, the OWASP 24/7 channel is available on demand, at anytime, anywhere on the planet.
OWASP Zed Attack Proxy
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.
OWASP Python Security Project
OWASP project that aims at creating a hardened version of python that makes it easier for security professionals and developers to write applications more resilient to attacks and manipulations.
- Febelfin http://www.safeinternetbanking.be
The number of internet banking fraud cases increases every year. Phishing is the most frequently used method. Febelfin launched a YouTube video called ‘See how easily freaks can take over your life’ in which it draws the attention to the precautions for safe internet banking.
Video 1: Security clip showing the risks of sharing too much online "See how easily freaks can take over your life" :http://www.youtube.com/watch?v=Rn4Rupla11M
Video 2: Security clip showing the risks of sharing too much online "Amazing mind reader reveals his 'gift' ": http://www.youtube.com/watch?v=F7pYHN9iC9I Published on http://www.safeinternetbanking.be
a. How-To articles related to Information Security:
c. White papers for those more curious:
d. General news and information:
a. Brochures about different topics from Android Security to How to Backup:
b. Reports and statistics in Companies from Latin America:
e. Glossary of terms:
f. Articles for savvy users:
g. General news and information:
a. How-To Articles:
b. Security researcher’s advices:
c. General information and news:
- A practical guide for business travel with a downloadable brochure with recommendations to protect your assets when traveling
COBLUE CYBERSECURITY FOR MODERN SCALABLE CYBERSECURITY SOLUTIONS
- ID Theft quiz
Project from NORSIS http://www.idtyveri.info/id-theft/
- CERT-Slovenia: Videos to share representing topics of online security produced for 2012 ECSM pilot campaign, with English subtitles. The content includes topics such as: Nigerian scam “This is your lucky day”; Fake on-line stores “Everything's half price at Danny's!”; phishing “Hello, is this a bank?” Follow the link to watch the videos: http://www.youtube.com/playlist?list=PLUVdjpfSn3X8efezTgGa6jq-guRghskni
Specific AR campaigns world wide
- STOP. THINK. CONNECT.™ is the global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online.
Singapore’s Cyber Security Awareness Day is championed by the Cyber Security Awareness Alliance
- CrypTool Portal
The CrypTool Portal raises awareness and interest in cryptography for everyone: http://www.cryptool.org/en/ctp-education-en
- Botnet protection guide
- ISACA www.isaca.org/cyber