Cybersecurity Concerns in the Education Sector

According to Ali and Fatima (2016), cyber security concerns are touching on every part of the society. With the growing technology and its use in the education sector, most of the schools are currently in the spotlight of cyber security threats. Notably, Ali and Fatima (2016) noted that cyberattacks are currently rampant with hackers becoming font of damaging the networks and the entire system attached to organizations, more so the schools. However, there is an equivalent growing concern of reviewing the attention the education sector has given to both the private and public schools in terms of investing in measures that would ensure cyber security. First, Goran (2017) narrowed down to cyber security risks and the attention given by the educational sector towards the risk across the public high schools. In a case study of Gingerwood High School, Goran (2017) noted that in 2013, Kentucky Department of education became the prime target following the DOS attack that shut down the significant source of data management as well as operation of the system. Shocked by the standoff and the new wave of security breaches, most of the schools were felt at risk with vulnerability noted in the cracks of the network used by the public schools. Goran (2017) asserted that following the incident, the Kentucky Department of Education worked on a number of measures to make sure that public schools are protected from cyber security attacks and the subsequent threats.

First, the data risk management regime was recommended with the intention of establishing systematic methods for incident response, usage as well as risk management. This came after the implementation of E-Security Approach and increased awareness of the Adequate Usage Policy. The second measure included the protected configuration where the required hardware and software are installed in the system. Guidelines should be put in place in public schools for the purposes of ensuring adherence to required procedures and policies. Besides, the department fostered the security of the network where technological means are applied in filtering the website traffic or the network. This is meant to keep off the malicious material or even check on the malware. The department also worked in the management of privileges of teachers and students. This is substantiated by monitoring the activities pursued by teachers and students. The thought of monitoring is also accompanied by the password management processes as well as policies for both the programs and devices. Goran (2017) further confirmed that as a result of public schools being considered as public spaces, education as well as awareness of the staff and students is regarded as paramount. The two sides need to understand the obligations and responsibilities behind the user security policy associated with information technology. Again, the provision of remote accessibility to the network of the facility should adequate in correspondence to the security concerns. Finally, appropriate monitoring means that the significant authorities are put in place to check on the activities of the staff, students, network traffic and systems.

Apart from public or government schools receiving attention from the education sector, private or independent schools also require the same attention. According to Coleman and Reeder (2018), most of the independent schools are regarded to have digital assets believed to attract cybersecurity obligations. For instance, the schools still receive foreign aid assigned to certain students while medical benefits attached to the employees. Coleman and Reeder (2018) indicated that such transaction would call for collection of sensitive personal details, which is a trend that appears in the 50 states as well as the District of Columbia. Despite being private, independent schools, as noted by Rouse et al. (2018), are bound to legal obligations with regards to data protection and the fight against cyber-attacks. For some of the private schools, the General Data protection Regulation, associated to the European Union, is largely thought to be relevant. Regardless of being private, Rouse et al. (2018) alluded to the fact that private schools still face same security challenges like the ones faced by the public schools. This means that independent schools need to establish their own means of fighting cyber-attacks without necessarily depending on the government structures.

First, Wang and Wang (2019) asserted that independent schools would be attracted to developing formal programs under the written policies. This is accompanied by information security plans and incident response plans depending on the frameworks of the school, and the provisions of the law. Private schools are equally fond of adopting the consultant’s form policy, which may sometimes be drafted in collaboration with the IT staff. Rouse et al. (2018) also noted that it is more convenient for the private schools to conduct regular risk assessment, an element that is equally held high by the public schools. This suggests that procedures and policies should not just be established but they should be periodically revisited as well as reconsidered. The educational sector equally directs most of the private schools to train their personnel. Common m risks such as phishing attacks as well as malware infections can essentially be lowered through training the employees.

A survey conducted by Ali and Fatima (2016) significant comparisons can be drawn from the attention the private and public schools give towards cyber security. Based on the research, a number of the school safety programs as well as projects have been established throughout Japan to promote cyber security in schools, regardless of whether they are private or public. Some of the programs and strategies include the UN Decade, the Yokohama Strategy and the Millennium Development through 2006-2007 Global Campaign on reduction of disasters in the education platform. Ali and Fatima (2016) noted that private and public schools would commonly share the policies as well as institutional mechanisms meant to promote school safety a far as cyber security is put into consideration. This reflects the capacity to embrace the cultural context and local knowledge that would see a reduction in the risks within the school environs. Principles of good governance and flexibility ensure that the enabling laws, guidelines, institutional practices and even regulations are highly held.

On the other hand, Hinrichs and Wankel (2011) took note of the fact that the 20th and the 21st centuries have been marked with a digital age of education. Technology has now become part of the most critical tools in both teaching and learning all the way from Kindergarten to high school. The same observations were made by the Council of the Great City Schools (2017) while making a survey of public and private schools in the district. The council noted that the digital transition is not just happening in the classrooms but also in the administrative as well as operational offices. With technological advancement, the council went out studying the response the education sector is giving towards mobile learning, student data privacy, broadband and network capacity and cybersecurity. Such observations made by the Council of the Great City Schools (2017) were due to the fact that school district networks were increasingly being used for information sharing, business functions and instructions. With looming network or system attacks, the Education Network Security in Hyperconnected World went ahead highlighting the required attention public schools need in addressing such attacks. The ENSH proposed that public schools need to put in place the required policies and procedures which would insist on the ways the network should be used, communications as well as professional development for the district schools, incident response as well as mitigation strategies, and the network intrusion prevention strategies or measures.

Based on the proposed measures, Hinrichs and Wankel (2011) asserted that public schools are comfortable with collaborative strategies where district partnership with significant agencies would leverage on the improvement of services to the staff, students and stakeholders. The collaborative strategy worked perfectly for Fresno Unified School District in which the content filter administrator was aware of student searching for content related to suicide. The collaboration saw the system administrator working together with teachers while making use of the information system. The principal of the school was contacted and early measures taken to bar any tragic outcomes. From this, the team proposed on leverage partnerships with the agencies as well as external entities in boosting the security controls, work on a significant culture of vigilance and time to time audits. Other measures recommended for public schools included expansion of the security resilience, enforce user policy believed to offer the appropriate guidance and establish the most convenient data sharing agreements in the face of the partner relationships.

While collaborative strategies sound more convenient for the public schools, Pusey and Sadera (2011) asserted that the strategy might not work for private schools whose facilities are not meant for public use. Instead of pursuing collaborative strategies, private schools are better enough when they work on a resilient system. This means that private schools need to spend more when working on a system that can withstand attacks on its own as well as resist system failures. Significant measures that need to be observed by the private schools include embedding security such as Firewalls and malware detectors into services, study and profile risks as well as vulnerabilities, design systems with design-for-failure mind-set and work on the system updates that would make the system comply with the dynamics. However, Carr (2016) noted that private schools can still benefit from policy initiatives which can see them benefit from partnership and agreements. Despite the fact this occurs on rare cases, the policy initiatives helped the Clinton-Gore administration calm the differences between the research and development commitment and the Cold War military.

Most of the governments believe that private schools still have the capacity, skills as well as abilities of managing the complexity of technologies and the dangers that come with them. In the face of this assumptions, most of the advanced private schools still enjoyed from the implementation of ”Acceptable Use Policy” believed to have been drawn by the NSF. The entire policy demanded that the network traffic need to be restricted to an “Open research and education” while impeding any commercial activities. Carr (2016) further asserted that through such policies the government increased the public-private partnership with regards to cyber security, an initiative that has been spread out both in the United States and United Kingdom. The initiative became more pronounced in the 1990s as a result of privatizing most of the critical infrastructure while trying to free up capital with schools becoming the prime target.

In addition, Crompton et al. (2016) focused on a study of the Shrewsbury Public Schools where they observed the trends in the education sector. Crompton et al. (2016) noted that most of the schools in the area are drawn towards cyber-education, which is seen as a long term measure. The research further indicates that educators, students and parents have increasingly paid attention to the STEM courses with K-12 school systems standing out as the key beneficiaries of the cyber courses. In the 2014 nationwide poll of the schools, cyber-education became the backbone of the trend with courses such as creating websites, computer graphics, Artificial Intelligence and Robotics, as well as Computer Programming and Coding being proposed. The courses are increasingly introduced in the curriculum as public schools going for external organizations for help on matters curriculum development. Some of the organizations that have been seen in support of the cyber education include the Code.org and National Integrated Cyber Education Research Center (NICERC). NICERC aids cultivation of interest in the cybersecurity-related subjects among the children of grades K-12 while Code Organization aimed at the involvement of women, as well as minorities in the significant field of computer science. Crompton et al. (2016) further noted that NICERC managed to train around 15000 teachers as well as 820000 students across 42 states. However, Crompton et al. (2016) confirms that there are no records clearly showing the involvement of the private schools in these programs because most of them fear the extra costs of running cyber courses. Notably, private schools are regarded as independent organizations with their own structures, which might look different from one another in terms of the properties.

References

• Rouse, T., Levine, D., Itami, A. and Taylor, B., 2018. Benefit Plan Cybersecurity Considerations: A Recordkeeper and Plan Perspective.
• Coleman, C.D. and Reeder, E., 2018, March. Three Reasons for Improving Cybersecurity Instruction and Practice in Schools. In Society for Information Technology & Teacher Education International Conference (pp. 1020-1025). Association for the Advancement of Computing in Education (AACE).
• Wang, S. and Wang, H., 2019. Opportunities and Challenges of Cybersecurity for Undergraduate Information Systems Programs. International Journal of Information and Communication Technology Education (IJICTE), 15(2), pp.49-68.
• Trautman, L.J. and Ormerod, P.C., 2016. Corporate Directors' and Officers' Cybersecurity Standard of Care: The Yahoo Data Breach. Am. UL Rev., 66, p.1231.
• Goran, I., 2017. Cyber Security Risks in Public High Schools.
• Ali, S. and Fatima, F., 2016. Comparative Analysis of Safety and Security Measures in Public and Private Schools at Secondary Level. J Socialomics, 5(169), pp.2167-0358.
• Crompton, B., Thompson, D., Reyes, M., Zhao, X. and Zou, X., 2016. Cybersecurity Awareness Shrewsbury Public Schools.
• Carr, M., 2016. Public–private partnerships in national cyber-security strategies. International Affairs, 92(1), pp.43-62.
• Hinrichs, R. and Wankel, C. eds., 2011. Transforming virtual world learning. Emerald Group Publishing Limited.
• Pusey, P. and Sadera, W.A., 2011. Cyberethics, cybersafety, and cybersecurity: Preservice teacher knowledge, preparedness, and the need for teacher education to make a difference.
• Journal of Digital Learning in Teacher Education, 28(2), pp.82-85.

Looking for further insights on Cultural Competence in Social Work? Click here.