Digital Security for Human Rights Defenders

Digital Security for Human Rights Defenders

Backgrounder

Human Rights Defenders (HRDs) have become increasingly reliant on information and communication technologies (ICTs) and social media to carry out their work. Because of these existing technologies and platforms HRDs can communicate and support each other; these enable the sharing of expertise, good practices, and resources in unprecedented ways. Access to new technologies has enabled HRDs to gather, document and analyse information to further improve their work, and as a result has enabled greater accountability for states to realise human rights obligations.

The use of ICTs and social media also presents risks on Human Rights workers. Using such technologies raises issues of digital security and privacy risks, likewise for those whom they protect and serve. Sensitive information related to human rights issues needs to be stored securely. HRDs and other civil society actors have been threatened, abused, detained or arrested for exposing abuses and violations online. The continuous advances in digital technologies necessitate everyone to be up to date on the benefits they provide and potential threats they pose.

In the age of surveillance, protecting yourself online is more important than ever. Learn privacy and security tools for mobile phone, computer and Internet usage. The two (2) sets of digital security training event to be conducted shall both cover the basics on encryption and data security, with strategies on how to be safer and smarter when communicating, sharing and storing your digital information.

Objectives

The goal of this course is for participants to increase their ability to ensure digital security and privacy. Beginning with a practical examination of concepts related to digital security and privacy, the course enables participants to realistically assess their current level of digital security and privacy. Through practical examples and case studies, the course encourages participants to increase their awareness of digital security and privacy with concrete tools and approaches to use in their work.
Expected Outcome

By the end of the course, participants will be able to…
• Apply basic risk analysis and set up effective security system
• Have skills for keeping up to date on cyber security issues and Identify the key components of cybersecurity network architecture
• Have skills to improve their password security
• Identify main malware types; awareness of different malware propagation methods; and skills for preventing malware infections.
• Identify security tools and hardening techniques
• Be able to use safe online communication tools
• Demonstrate understanding of firewalls, virtual private networks and network intrusion detection and prevention technologies.
• Describe legal and regulatory issues relating to cyber security; and understand how to recover from security failures.
• Re-echo to colleagues the lessons learned from the training

Course Outline

Session 1: Current trends and issues related to digital security and privacy (e.g. differences between online and
offline environments, use of mobile devices, public WiFi environments, etc.)
Session 2: Understanding basic concepts of digital security and privacy (e.g. encryption, anti-virus, malware,
secure web browsing, cookies, web history, metadata, etc.)
Session 3: Assessing personal and organisational threats with respect to digital security; how to keep information
secure
Session 4: Ensuring digital privacy, examining personal and organisational online information, digital profiles,
password protection, privacy measures, and encryption

Topics Covered

• Threat landscape: terminology, cyber security threats, keeping up to date
• Managing security risks: risk analysis and management
• Authentication: access control, passwords, two-factor authentication
• Malware: types of malware, attack vectors, preventing infection
• Networking and communications: fundamentals, security challenges, standards
• Encryption and Cryptography
• Network security: firewalls, virtual private networks, intrusion detection / prevention
• When your defences fail: cyber security laws, recovering from attacks
• The right tools & tactics: follow step-by-step recommendations to choose the right tools and actions that can shield you from viruses and malicious content.

Methodology

This two (2) day training course involves interaction between participants and instructor, quizzes and various group activities. The course is based on a participatory, active learning approach, with an emphasis on critical reflection and peer-to-peer learning.

Target Audience

Fifteen (15) Human Rights Defenders (per activity) facing online threats, and members of civil-society organizations experiencing cyber-security issues and possessing high risks and vulnerabilities susceptible to cyber-attacks.

Advertisements