When I attended public school in the late 90s and early 00s, I learned how to perform now-archaic tasks such as writing cursive script, balancing a checkbook, and navigating the Dewey Decimal System. I’m pretty sure my compatriots from the Z and Alpha generations have never practiced dinner party etiquette during a home economics class, and no one born after, say, 1998 knows the fear that comes with approaching a whirring circular saw during shop class. The public school curriculum in the United States has evolved over the decades, but it needs to change faster to help keep everyone safe in the digital age.
Help Wanted: Cybersecurity Educators
Cybersecurity education just isn’t being taught widely. In a 2020 survey of educators and school officials, more than half said their schools did not offer cybersecurity education(Opens in a new window), The survey, which is by cyber.org, a K-12 cyber education platform funded partly by the US government’s Cybersecurity and Infrastructure Security Agency, also found that only about a third (37%) of elementary and middle schools infused cybersecurity education into their curriculums. That’s unacceptable, especially since research shows many children start using online devices before they’re five years old(Opens in a new window),
Kids may latch onto connected-tech quickly, but that doesn’t mean they know how to use it safely without guidance from the adults in their lives. Given that there was an 85% increase in online attacks(Opens in a new window) involving account login and registration details last year, it’s clear that it’s time to start teaching basic online security rules in school and at home.
Going Beyond Parental Control Software
In previous editions of SecurityWatch, I’ve discussed the benefits and limitations of using parental control software to keep kids safe online. The best parental control applications keep your child from accessing websites with adult subject matter. However, parental control software cannot teach kids how not to fall for scammers chatting them up on random Discord servers or how to spot and avoid common phishing attempts via chat, emails, or direct messages.
Some parental control software may detect social media conversations that are getting too heated. Still, I haven’t seen any that can successfully identify an online scammer hoping to bilk money, credit card numbers, or other personal information from a child via an in-game chat system. Until schools start teaching kids how to live their lives online safely, it’s up to parents to take charge of the situation and educate children about cybersecurity.
Teaching Cybersecurity Education at Home
A lot of parents don’t know where to begin when it comes to teaching kids how to be safer online. Luckily, you don’t need to know a lot of jargon or have a computer science degree to understand online security basics. Here are five simple steps to establish a home cybersecurity curriculum.
Use the internet to find cybersecurity resources. Reading SecurityWatch every week will help, but there are many online cybersecurity courses and e-books for parents. I recommend starting your educational journey with cyber.org. This site offers many free activities and courses for parents and educators who want to learn more about cybersecurity and teach children.
Keep your data to yourself. Don’t want your kids to share the intimate details of their lives with strangers online? As an adult, you should consider holding back from oversharing online too. Scammers can use the information you or your kids share on your online social profiles or chat messages to commit identity theft. Be a good role model by protecting your personal information at every turn online and teaching kids to do the same.
Introduce your kids to a password manager and help them create their vault. Password managers eliminate the need to remember incredibly complex strings of characters, and they keep your online accounts safe. Invest in a Family or Premium password management system, and allow your kids to maintain their logins. The child may lock themselves out of the password manager if they forget the master password, so I suggest opting for a passwordless login solution such as LastPass. By going passwordless, your child can get into their password vault using a mobile authenticator or biometric methods, such as a fingerprint or face scan.
Monitor engagement on social platforms. Kids often use the internet for gaming, social media, and streaming. You may be able to suss out a potential online scam situation or other inappropriate chatter just by observing your child’s online activity. Parental control software such as Norton Family can give you a detailed account of your child’s online activity throughout the day, including links to YouTube videos they’ve watched. If your children are young, you may want to keep their computer or another online device in a public area of the home, so they can talk to you in person about any iffy online behavior they encounter.
Establish household best practices for online security. When you give children their first internet-connected devices, take the time to establish some house rules, and keep an open and ongoing dialogue about them. Here are five suggested starter rules:
Do not store credit card information or other sensitive information in online accounts.
Create and store all online login information in a password manager.
Keep the antivirus software running in the background.
Do not download apps that aren’t from Google Play or Apple’s App Store.
Use extreme caution when clicking links from people you don’t know.
Like what you’re reading? Get an extra story delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.
What Else Is Happening in the Security World This Week?
T-Mobile Agreees To $350 Million Settlement Over 2021 Data Breach. The money would go toward former and current T-Mobile subscribers who suffered financial losses from the breach, which involved a hacker selling the stolen data online.
Ukrainian Radio Stations Hacked to Say Zelensky in Critical Condition. The hack hit the radio station provider TAVR Media, which confirmed the cyberattack. But Zelensky has since posted several Instagram videos showing he’s in good health.
Recommended by Our Editors
Google Chrome Zero-Day Exploit Delivered Spyware to Journalists. Evidence shows an Israeli spyware firm called Candiru used the zero-day vulnerability to spy on journalists in Lebanon, according to antivirus company Avast.
FCC Wants to Know if US Carriers Are Exposing Users’ Geolocation Data. FCC Chairwoman Jessica Rosenworcel opens the inquiry amid concerns from Democrats that prosecutors will go after women seeking abortions following the demise of Roe v. Wade.
FBI: If You’re Hit by Ransomware, Don’t Forget to Call Us. Federal investigators recover $500,000 in ransom payments after a Kansas medical provider calls the FBI about the incident, says US Deputy Attorney General Lisa Monaco.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.