Awareness Raising and Capacity Building
|
In awareness raising, education and research, the academic and research community will contribute to the cyber security assurance system through their higher-education programmes and courses on cyber security at all levels of education, and through the results of research organisations. The system will also be open to civil society's initiatives. This applies primarily to initiatives for improvements and assistance in raising awareness among various target groups by professional associations (Slovenian associations and the Slovenian sections of international associations in the field of information and communication technologies and cyber security).
Awareness-raising draws on the experiences from prevention and response phases so that users are acquainted with actual risks and effective methods of avoiding them. The methods and contents of awareness raising (programmes) are adjusted to various target groups to the greatest possible extent.
Safety of citizens in cyberspace:
-
Carrying out regular implementation of awareness-raising programmes on cybersecurity.
-
Introducing cybersecurity content in education and training programmes.
-
Including cybersecurity topics in the curriculum at different levels of education for children and adolescents.
-
Adjusting awareness-raising programmes for the remaining population and business entities are developed.
-
Promoting the development and introduction of new technologies in the field of cybersecurity.
-
Regularly carrying out awareness raising programmes on cybersecurity for businesses.
Capacity-building:
-
The use of encryption solutions, as one of the cornerstones of cyber security assurance, is encouraged.
-
Building human resource and technological strengthening of bodies at the operative level of cyber security assurance system along with the implementation of SIGOV-CERT.
-
Gradually upgrading state body HKOM networks with equipment that is appropriately approved by the Slovenian authorities as being safe and suitable for use.
-
Implementing competent checks of safety and functionality of IT equipment within the existing and newly established bodies.
-
Making regular assessment of risks to the operation of the critical infrastructure of the ICT support sector and planning appropriate protection measures and updating risk assessment in this field.
|
Educational and Awareness Initiatives
|
Slovania has two awareness-raising projects.
Since 2011, SI-CERT has been raising national awareness and running an educational programme "Safe on the Internet". This programme is targeted at the general public with specific content for small businesses, craftsmen and sole proprietors with the aim of raising awareness on the safe use of the Internet. The project is financed by the Ministry of Education, Science and Sport, is also participating in the campaigns of the European month of cyber security.
-
The Centre for Safer Internet (SAFE.si) is run by a consortium consisting of the Faculty of Social Sciences, ARNES, Slovenian Association of Friends of Youth and the Youth Information and Counselling Centre of Slovenia - MISSS, funded by the Directorate-General Connect of the European Commission and the Ministry of Education, Science and Sport for running SAFE.Si, TOM Telephone and the Web Eye projects. The SAFE.SI programme operates as a national point for raising awareness among children and adolescents about the safe use of the Internet and mobile devices. The TOM Telephone program also informs children and adolescents about the safe use of the Internet and mobile devices. Web Eye is an online reporting point.
-
Education Sector: IT or cyber security is included in the higher school study programmes at several institutions of higher education.
|
Higher Education Courses on Cybersecurity
|
-
Faculty of Computer and Information Science, University of Ljubljana - Computer and Information Science, Master's study programme. Course title: Cryptography and Computer Security. European Credit Transfer System (ECTS): 6. Information/computer security describes means to control access to information systems and their contents in to prevent unauthorised use. Cryptography provides maximum security while at the same time preserving the flexibility of digital media. It forms the foundation of an information society, enabling privacy, data integrity, digital authentication/signatures, digital cash, and other goals. It incorporates mathematics, computer science, electrical engineering, finance, policy, defence, etc. The courses covers the following topics, among others: Symmetrc cryptography, block ciphers, stream ciphers, cryptoanalysis and statistical methods, public-key cryptosystems, key agreement protocols, identification schemes, quantum cryptography, security of programmes, databases, OS, network communications, patents and standards (ISO, IEEE, IETF). Learning outcomes: mastering the basic problems of computer security and the detailed structure of the most famous cryptosystems and ability to connect these areas, propose specific solutions and implement or maintain cryptosystems; applying and proposing/evaluating effective solution; understanding connection between theory and practice of computer security. The course is a foundation for several courses that study computer systems and networks, telecommunications, digital forensics, electronic and mobile commerce, etc. Students will gain a theoretical foundation for a variety of practical problems that are encountered in the field of computer security and cryptography.
-
Faculty of Computer and Information Science, University of Ljubljana - Computer and Information Science, Master's study programme. Course title: Digital forensics. European Credit Transfer System (ECTS): 6. The course covers the following topics, among others: digital evidence and computer crime; EU and USA technology and legal framewotk; investigating procedures and recontruction; encryption; forensic science and computers; forensic analysis; forensic science and networks; digital evidence (physical layer, link layer, network kayer; Internet); intrusion and reconstruction. Learning outcomes: understanding basic terms in forensic science and details of a computer system, combining knowledge of both.
-
Faculty of Computer and Information Science, University of Ljubljana - Computer and Information Science, Master's study programme. Course title: Information Security and Privacy. European Credit Transfer System (ECTS): 6. The course covers the following topics, among others: Key standards and organisations (ISO, ITU-T, IETF, W3C, OASIS, OMA); security mechanisms, security services (principles and practical implementations of authentication, confidentiality, integrity, non-repudiation, access control, logging and alarming), public key infrastructure (time base, name space management, operational protocols), quantum computing basics (quantum key exchange); authentication, authorisation and accounting; infrastructure; security of physical and data layers; security of network, transport and application layers, including internet of things and clouds; privacy management and privacy by design (sensor networks, RFID systems) with trust management and reputation management basics in services oriented architectures; secure programming; risk management in information security, organisational views and human factor views (security policies, human factor modelling and simulations). Accreditation and auditing of IS related to security (ISO 2700X, CISSP), and standards for technical implementations of hardware and software components (Common Criteria). Learning outcomes: Principles for providing security and privacy in information systems; standard solutions in this area; administering security and privacy of information systems; qualified for internal security and privacy auditing; defining security policy.
|
EU Cyber Professional Register for national stakeholders
|
The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace.
This European Cybersecurity Professional Register is the place where professionals, juniors or seniors, can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.
Organisations of any size or sector from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.
|