Week 05: Operational Security

Author: Thomas Quig, Josh Park

Slides

Goal:

Learn about Operational Security and how its lessons are useful in your daily life


Topics Covered:

  • Threat modeling is the process of identifying and ranking threats in order to dedicate time and effort accordingly
  • Compartmentalization is making sure that your accounts are not linked together in order to limit the impact of a compromise of a single one
  • Rotation is the regular updating of passwords and online personas
  • Many experience "security fatigue" as learn more about security, overwhelming or depressing them from all they need to keep track of

How to Run this meeting:

  • Send out announcement on Weds night
  • Before meeting, modify the find something embarassing challenge to link to presenters profiles
  • Give presentation
  • Walk around and give out flags verbally

Description:

This meeting is structured a little differently than other ones: the challenges are meant to encourage you to secure your digital accounts and start applying lessons learned in the meeting. The meeting covers the basics of how to not get pwned, whether your threat model is state-funded agencies or just avoiding getting phished by email malware. It’ll cover a wide spectrum of threat models: from strategies used by CIA operatives and chief information security officers (CISOs) to strategies that are useful for students at UIUC.