Libraries to provide frontline defence against cyber threats

Public Safety Canada and the Smart Cybersecurity Network (SERENE-RISC) are teaming up to tackle one of the biggest challenges facing online security: persuading Canadians to adopt practices that have been scientifically proven to work.

Canada is a global leader in cybersecurity. Yet, while much is known about how to stay safe and secure online, too many Canadians still don’t apply basic security practices, such as creating strong passwords, updating their operating systems, and using only protected wireless networks. That leaves their devices vulnerable to viruses, malware and other cybersecurity threats. Cyber-attacks also undermine confidence in Canada’s digital economy, a major driver of innovation and prosperity.

SERENE-RISC has worked to bridge that gap since its launch in 2014, collaborating with academic experts, government agencies and companies to find practical ways to widely share proven research and best practices with policymakers, company executives, academics, cybersecurity professionals and the general public.

“We can put as much information as we want on our website, but it’s not very useful if people don’t know it’s there and don’t put it into practice. One of our goals is to support positive change over the long term,” says Shirley McKey, Executive Director of SERENE-RISC, whose members include many of Canada’s best cybersecurity experts.

In December, the network received funding from Public Safety Canada’s Cyber Security Cooperation Program for the Cybersecurity Public Awareness Tools and Library Outreach Project. The goal is to translate the best scientific evidence into short, easy-to-understand video clips and other training materials that librarians and volunteers can use to help library users adopt good habits that improve their safety and security online.

“We saw how many people were using libraries so we thought it would make good sense to take the  cybersecurity tips we had developed and posted on our website, and turn that information into interactive training that could be folded into the computer and Internet courses many libraries already offer to their community,” explains McKey. “We’re also working with researchers who have up-to-date research on the use of computers and use of computers by older users, so we will be including the latest evidence in the training as well.”

The project was launched in March 2016 with one French-language and one English-language library, and will be promoted to more libraries across Canada. Initially, the project will primarily target seniors—the fastest growing group of Internet users in Canada—with some support as well for youth—the largest demographic of Internet users. Seniors and youth are also the two main users of libraries.

“We look forward to having our staff participate in the train-the-trainers program and to engaging our clients in the cybersecurity curriculum designed specifically for older computer-users. The evidence-based curriculum developed by SERENE-RISC will complement and enhance the IT training we currently offer,” says Elizabeth Thornley, Program Development, Ottawa Public Library.

With further funding, SERENE-RISC plans to expand the project and develop similar programs with other community groups, such as guiding/scouting organizations, high schools and community centres.

Good Habits for Online Security

1. Only plug trusted devices into your computer: USB keyboards, memory sticks and other USB-connected devices can contain undetectable malware that will infect your computer. Simply plugging in an unknown device can infect your computer. Make sure you obtain these devices from a reputable source.
2. Back it up: Back up your computer regularly. This ensures that you have a safe copy of your files in case something goes wrong. External hard drives or cloud services can be configured to back up your machine automatically.
3. Lock it: Lock your computer and don’t leave it unattended in public spaces. Physical access, even for a short period of time, enables hackers to tamper with your device, access your data, or install malicious programs.
4. Read twice, click once: Be careful what you click on. Don’t click on shortened links or strange links from untrusted sources. Check the complete address before you click, or type the address yourself if you are not sure.
5. Pay extra attention to typos: Type the URL (e.g.  www.serene-risc.ca) carefully. A typo can lead you to a malicious website and can have serious consequences.
6. Follow SERENE-RISC advice: Read the  cybersecurity 101 tips section carefully and follow the tips provided by SERENE-RISC to  pick a strong password, conduct  secure online banking,  avoid insecure Wi-Fi and more.