Cyber security in education: from 'eternal September' to digital natives
Up until the early 1990s, when the internet was still in its infancy in the United States, many people logged on for the very first time using university systems to access Usenet academic forums. With the arrival of a new academic year, new students caused major headaches for the veterans – at least until the rules of this digital world were clarified.
In 1993, however, the influx of new Internet users – and students with access to the network – reached such levels that it became impossible to maintain this tradition since the Internet would constantly have to accommodate new users, as well as deal with the consequences. The school year in the United States starts in September, and that year the month was dubbed "eternal September".
The internet has changed a lot in 30 years. Today we have a generation of "digital natives" – individuals born accustomed to "screens". They have their own cultural baggage and a very clear idea of how the Internet should work and how they should interact within this environment.
Despite the Internet having evolved, rules still need to be followed to ensure everyone's safety. In many cases, educational institutions are students’ first contact with some of society's rules and the same should be true for information security.
The risk of overconfidence
Despite being digital natives, even the students most familiar with the use of communication devices may be unaware of basic information security rules, like using passwords. They may also need guidance on using computers in the labs and may rely too much on their intuition when interacting with distance learning systems.
This "overconfidence", so to speak, can be negative in certain situations. Cybercriminals try to create situations that force us to act without thinking and, as a result, there’s a better chance of the scam working because we make a mistake without ever doubting our ability to recognize an attack.
It's important to know that cybercriminals aren’t picky when it comes to their victims and can attack teenagers and children, whether for identity theft or to gain access to bank details used for games and other platforms.
A new cycle, new knowledge
Although a new school cycle involves following a specific curriculum of subjects, we know that some of the information to be studied changes from one year to the next. Knowledge also advances, which calls for bibliographies and certain concepts to be updated.
Threats also change over time, when it comes to digital security. Criminals and adversaries adapt, trying to find a way around defensive measures already in place. So, raising student and employee awareness around the dangers they may be exposed to could make all the difference in combating these threats.
What's more, schools and universities have now also become targets for attacks. For this reason, educational institutions must also establish a security policy and keep it up to date, to protect all employees and students.
In 1993, the term "eternal September" was used pejoratively to describe the exhaustion of having to teach and reteach the rules over and over again to a huge influx of people who wandered into the online environment. Nowadays, though, it’s clear that being willing to teach the people around you can benefit everyone, whether in the field of education or information security.