October is European Cybersecurity Month – an initiative of ENISA which aims to "promote cybersecurity among citizens, businesses, and public entities." Carlos Friaças, manager of the cybersecurity service of the National Research and Education Network (RCTS CERT), describes the work carried out by the National Scientific Computing Unit in its mission to improve security conditions and shares some advice that can make a difference.
This month marks European Cybersecurity Month. Could you explain the relationship between the FCT's National Scientific Computing Unit (FCCN) and the field of computer security?
The FCCN Unit effectively provides internet access to the Research and Education Community in Portugal. This entails managing a nationwide digital infrastructure that is naturally subject to attacks from the internet and participates in attacks when some of its nodes are infected. Therefore, an incident response team is required to address these situations and minimize damage.
Within this area, what projects are being promoted by the FCCN unit?
Recently, the focus has been on developing capabilities that transform the incident response team (CSIRT) into a security operations center (SOC). In this context, we have sought to develop new services aimed at strengthening the cybersecurity of entities linked to Science, Technology and Society Network (RCTS).
In this sense, what are the main added values in the area of Cybersecurity, from an institutional perspective, made possible by joining the Science, Technology and Society Network?
Free access to all RCTS CERT preventive and reactive services portfolioThis includes, for example, periodic website audits, awareness campaigns, or the use of a name resolution service that prevents communication with known malicious domains.
What are the main threats faced by institutions participating in FCCN's security services?
I believe the main threats are no different from those faced by most companies in Portugal today. The volume of fraudulent messages is enormous, either to infect users' devices or to hijack their authentication. Some distributed denial of service events also occur, but they are not very frequent. And, still regarding authentication, the value of a login/password from the RCTS community is significant, as the eduroam service provides... These credentials will allow internet access from higher education institution networks in around 70 countries.
One of the goals of the European Cybersecurity Month initiative is to highlight the importance of this topic to citizens. How do you assess the general public's awareness of the most important cybersecurity practices and principles?
I think there is a long way to go, despite the fact that in recent years there has been
There has been significant progress. High-profile cases actually amplify the importance of the issue (unfortunately, resulting in successful frauds), and people will become increasingly cautious, especially if they receive clear and simple messages about how to adopt them.
And what cybersecurity behaviors can make a difference, from the average user's point of view?
Exchange insights with other regular users in circumstances where there's even the slightest doubt. On the other hand, when options exist to increase security, they should be used—such as activating a second authentication factor (SMS, a code in an app, etc.). It's also helpful to keep in mind that there should always be context for any message received. Another behavior that will increase security, on an individual level, is not expecting "free lunches," because they don't exist (laughs).
Are there any other issues you would like to highlight within this area?
Cybersecurity Month is a useful initiative, but care and attention must be maintained throughout the year. As part of its mission to strengthen the cybersecurity of the infrastructures managed by the FCCN unit, RCTS CERT regularly collaborates with national and international teams and is open to expanding this cooperation with new teams.
