CypherCon 2023

Meet Security Planner (Or: How to Help Your Non-Technical Friends and Family Stay Safer Online)

Yael Grauer

Abstract:

Some of the most intimate aspects of our lives unfold through devices and online services. However, there are big questions about whether the devices and services we use respect our privacy, and whether they adequately safeguard our information. It is easy to feel overwhelmed by the challenge of staying safe online—and even more difficult to help secure your less technical friends and family members, especially when all of them have wildly different threat models.

Security Planner is meant to bridge the gap between security experts and the people seeking out information on how to keep themselves safer online. It is a free, easy-to-use guide offering accessible, personalized, prioritized, expert-reviewed advice that anyone can implement quickly and easily.

In this talk, we’ll discuss some of the benefits and drawbacks of current security guides online. We’ll talk about where Security Planner sits in the mix, and when it’s important to send people to other resources. And we’ll discuss what can be done when there are no buttons or switches to help users with digital security issues because of wider systemic failures.

This talk is meant to be interactive with ample time for suggestions, brainstorming, and Q+A.

Importance: Digital security isn’t where we need it to be for overall cyber readiness. It is a systemic failure that people need to follow personalized recommendations, or are so often in need of emergency resources due to digital security threats. In a just world, there would be more transparency, data collection would be opt-in, and products be safe as is and on demand. But that’s not where we’re at right now,
and the ability for people to make a plan and complete recommendations at their own pace is one of the few tools we have. I want to explain SP, and also brainstorm ways we as a community can help push things forward (and what SP can/should be doing better or differently).

Yael Grauer

Privacy, Security, & Keeping you Safe!

Yael Grauer works at Consumer Reports managing Security Planner, a free, easy-to-use guide to staying safer online. Her background is in investigative tech reporting, and she has covered privacy and security for over a decade for various tech publications. She has extensively researched the privacy and security (or lack thereof) of consumer VPNs, teamed up with EFF to research street-level surveillance, broken stories on Zoom misleading users about end-to-encryption, looked into questionable claims about blockchain voting, and investigated surveillance against China’s Uyghur minority. Yael serves on the Board of Directors of the CyberMed Summit, the world’s only clinically-oriented healthcare cybersecurity conference. She also runs a do-it-yourself data broker opt-out list, and is currently writing a book on investigations for No Starch Press.