During Bread&Net 2019, the MENA Digital Threats and Controls session discussed the most prevalent types of digital threats and patterns in the region. Additionally, experts also explored the basic digital security controls that users can adopt to protect their digital existence.
Ali Sibai, technologist and Rapid Response Network coordinator revealed that between 2010 and 2019, said that 17 countries in the region imported or used spyware of international companies, such as Blue code, Gumma Group, and NSO GROUP. At the top of the list were the KSA, Bahrain, Egypt and the UAE. As a result, strengthening our personal digital security practices is more important than ever.
Abir Ghattas, information security technologist at Human Rights Watch (HRW), introduced the 5 main questions users should ask in their digital security risk assessment process:
- What are you trying to protect?
- What are you trying to protect it from? Abir explained that this threat can be a person or a recent sensitive situation.
- How likely is the threat to occur?
- What would the impact be if the threat actor succeeded? Abir reassured that this “does not mean that we have failed.”
- What are the controls that should be in place to mitigate these risks?
The experts then outlined the most basic and important controls that should be implemented to provoke any malware or hack, namely:
-Updating applications regularly
-Restarting your device, which is a way to kill several types of malware
-Activating Two-Factor Authentication in your apps, which adds a second layer of security to the device itself. Make sure to activate 2FA with a backup code, and via an application, such as Google Authenticator – not through regular mobile messages.
-Use a password manager – this helps in generating strong passwords and storing them safely.
-Activate device encryption – mainly by putting a strong passphrase to your mobile phone
-Use circumvention tools, such as a VPN. Always use a VPN, especially when using an open wifi connection.
For more information on how to answer the digital security risk assessment questions and tips for protecting yourself in an increasingly surveilled digital sphere, watch the full session here.