Digital transformation has revolutionized education. Beyond online learning options, students use tablets and computers in place of books, pencils and paper. Threat actors know this, which is why education is the industry with the most recorded malware attacks.
Yet when schools offer security training, more often than not, administrators are the ones receiving the instruction. It's crucial to prioritize cyber security teacher training. According to a Morning Consult study, 59% of educators don't know if they've had security training, or they haven't had any recently, despite more than three-quarters of teachers relying on online learning.
In addition, the study found many teachers are unfamiliar with common cyber security threats. For example, even as classrooms were virtual for much of 2020, half of educators were unfamiliar with videobombing. Even fewer were familiar with attacks like phishing and ransomware.
The lack of cybersecurity teacher training can put students' personal information at risk. Cyber criminals favor targeting children's personally identifiable information (PII) because that data isn't monitored as closely as adult PII. In fact, childrens' data may not be identified as compromised until they apply for jobs and driver's licenses.
Cyber security teacher training benefits students
Everyone in the school system should have security training, but most important is cyber security teacher training. When teachers learn how attacks happen, who is targeted and what best cyber security practices to follow, they can take that information back to their students. Cyber security teacher training can be used to create specific lessons for student security training and help students apply learnings in everyday lesson activities.
Because students live on their devices, it's vital for them to understand how poor security habits impact them—and how they can impact the school at large. Teachers have the ability to instill good security habits, but they can only do that if they have a solid understanding of cyber security and cyber threats.
What to include in cyber security teacher training
Teachers should understand the basics of cyber security, starting with why it's important. They should learn the different types of attacks, like phishing and social engineering, and how using techniques like multi-factor authentication (MFA), strong passwords and locking devices can protect student data. Insider threat behavior should also be included, so teachers don't misuse information.
Security training can also help teachers understand the top cyber threats facing schools, which include phishing, distributed denial of service (DDoS) attacks, ransomware and Internet of Things (IoT) vulnerabilities.
Teachers, like any other employees in an enterprise organization, should be trained in appropriate cyber hygiene, such as fully logging out of computers and devices, especially when leaving the classroom, and only using school-approved software and applications. They also should understand how to assess the risks of what they use (or don't use), the importance of using software-defined wide area networks (SD WANs) and MFA to access anything with personal data.
How teachers can help with student cyber security training
All teachers, regardless of their level of comfort with cyber security, have an important role in helping students learn about cyber security best practices. Teachers can make these practices a part of the daily curriculum in unassuming ways, such as reminding students to log out of applications and devices when finished. Students could also benefit from discussions about news surrounding major cyber events, including any real-world implications to students.
Teachers, as well as IT administrators, technology and other players, are crucial players in developing a clear road map for protecting students, teachers and systems.
Discover more about how to secure your school from cyber threats.
The author of this content is a paid contributor for Verizon.