Title: Crisis Mapping and Cybersecurity – Part II: Risk Assessment
Author: Anahi Ayala Iacucci
Source: Diary of a Crisis Mapper blog
Date (published): 14/12/2011
Date (accessed): 15/12/2011
Type of information: blog post
Language: English
On-line access: yes (HTML)
Abstract:
"I have a background in human rights and humanitarian affairs, and in those fields you do something that I realized was not that common in the ICT world – or maybe it is just under reported – that is called risk assessment. How does a risk assessment look like?

There are several components to the matrix: there is the risk, the source (sometimes), the likelihood, the mitigation tool/measure and (sometimes) the independent variables. I truly believe that this matrix can help in understanding what are the things that we should focus our attention on and what are the things that we cannot change or we should just ignore. The very key factor in the use of this matrix though does not lie in the matrix, but in whom is filling it.
…
See also:Crisis Mapping and Cybersecurity – Part I: Key points"

Title: Towards a cyber security aware rural community
Authors: Marthie Grobler, Zama Dlamini, Sipho Ngobeni, Aubrey Labuschagne
Pages: 7 pp.
Source: Proceedings of the 2011 Information Security for South Africa (ISSA) Conference
Date (published): 10/08/2011
Date (accessed): 13/12/2011
Type of information: research paper
Language: English
On-line access: yes (pdf)
Abstract:
"A large portion of the South African rural community only have intermittent access to computers and are not familiar, nor entirely comfortable, with the use of internet communication or electronic devices. The research conducted by the authors of this paper confirms that this lack of awareness, combined with the inherent dangers posed by the internet, expose local communities to cyber threats. Especially rural communities are not always empowered to deal with these threats.

In an effort to prevent innocent internet users from becoming victims of cyber attacks, a cyber security awareness campaign is developed to educate novice internet and technology users with regard to basic cyber security. The motivation for this awareness project is to educate all South Africans on the safe use of the internet, in an attempt to strengthen the cyber security awareness level concerning the South African network. The hypothesis is that if there are local communities that are not properly educated, their technology devices may remain unprotected. This may leave the South African internet infrastructure vulnerable to attacks, posing a severe threat to national security and eventually affecting communities other than those directly involved.

This research paper focuses on promoting cyber security awareness towards the newly released broadband capability and knowledge transfer within rural communities by means of a voluntary community based training program. This program can be adapted in any environment other than rural communities, but the current focus has been in the rural areas. The program takes on an informal work session approach with presentations and discussion sessions. The cyber security awareness program modules are divided into four main themes: physical security, malware and malware countermeasures, safe surfing and social aspects of cyber security.
These themes are developed in such a way to cover a wide range of topics, including practical advice on phishing attack avoidance and more advanced topics such as preventing social engineering attacks. This paper will introduce the development of the cyber security awareness program, and emphasize the importance for including these specific themes at the hand of international cyber security incidents."