# overall unit feedback [TOC] ## Background - Reference: https://cryptpad.fr/kanban/#/3/kanban/edit/0e911d365afccf92a837875f83bf2fb0/ - pre kick off needs assessment: https://hackmd.io/Ir_Jx7gmRVy01xituwq_QQ - learning needs survey by Ana: - I still do not have access to the LNA, this feedback is without reference to the LNA ## Current units: Unit 1: Introduction to Digital Security Unit 2: Importance of Digital Safety & Security Unit 3: Common Cyber Threats & Attacks Unit 4: Understanding the Cyber Threat Landscape Unit 5: Risk Assessment Methodologies Unit 6: Safer Communication Unit 7: Safer Browsing Unit 8: Data Backup Unit 9: Device Security / Holistic Security Unit 10: Organizational Security ## Proposed changes: | Date | Unit | Rationale | | -------- | -------- | -------- | | 1 Jun | 1. Introduction to Digital Security | as this session touched on personal security, I suggest to have personal mapping as an exercise | | 8 Jun | 2. Digital security threat and landspace | Introduce common threats CSO faced: device confiscation, doxxing, account takeover/phishing. | | 15 Jun | 3. Safer communication | merge the current unit 2 (securing personal information) and unit 3 (safer comms); content are similar [comments](https://hackmd.io/gF9zH1FPSVaG5tvTSVCM5Q) | | | 22 Jun | 4. Account protection | - focus on pw manager + 2fa/mfa | | 29 Jun | 5. Safer browsing | Comments in [cryptpad](https://cryptpad.fr/pad/#/2/pad/edit/WvVWWjP4qvRneJ1IgFKznsGI/) and on VPN [cryptpad](https://cryptpad.fr/pad/#/2/pad/edit/DURsuze2bXoT5vaBosdbgNVH/) | | 6 Jul | 6. Risk Assessment | 1. general Risk assessment 2. tool assessment categories | | 13 Jul | 7. Device security | I suggest merge backup with this, comment in [cryptpad](https://cryptpad.fr/pad/#/2/pad/edit/p94yCPvIXyWNUWqUEzkzd2Ou/) | | 20 Jul | 8. holistic security: psychosocial | to get external speaker | | 27 Jul | 9. Placeholder: potentially a physical security session | I personally think physical security is quite straightforward - but it could be useful for fellows | | 3 Aug | 10. organisational security | no existing cryptpad, my thoughts: to include, what specific organisational needs, this module would make links with all the modules above, esp psychosocial security and as a lgbt org in a criminalised context; oftentimes under resourced (esp good human resource), have little time, no time to adopt, but persistently high vigilant. (also good to add Belle's queer joy) | | 10 Aug |11. Intro to ADIDS | I think we should cover at least one training method. If we only need to cover 10 units, we can replace the physical security session with this | | 17 Aug | Text | Text | | 24 Aug | Text | Text | ### rationale: - the above units would cover most tools digisec trainers should know: PGP, pw manager, and 2fa. i think more advanced - holistic security session(s) helps broaden security lens - risk assessment and organisational security are more practical and would ideally use real life example and experiences. these two sessions also connect other units together. --- ## Questions: 1. what do we do for the remaining august days - an idea i have is to hold mentoring sessions for project - but i would also like to know if there is already existing plan for that