I didn’t learn about data security in middle school or high school. Chances are, neither did you and, probably most of your kids either. The majority of schools do not have special programs or curriculum to emphasize the importance of data security or even a solid implementation for their networks to prevent data breaches. But data security and privacy should be a mandatory subject in all schools and universities and, along the pupils or students, professors, and other staff should also be trained, just like in any organization.
Think also about the fact that today’s millennials are entering the labor market, ending up handling companies’ critical data. Future generations will probably be even more connected to technology and the Internet, so it’s not too late to start information security classes in schools and other education facilities. If kids and students don’t have the option to learn about cyber security in high school, chances of them choosing this field of study are very low, simply because the profile of graduated high school is an important factor in choosing the higher education specialization.
This issue can be noticed in the shortage of cyber security professionals, with more than 60 percent of organizations around the world having too few employees in information security, according to this study. The same research revealed that 1.5 million professionals will be needed by 2020.
Soon Chun Hyang University uses Endpoint Protector to enrich students’ knowledge about Data Loss Prevention
We, at CoSoSys, value education in information security, so we started a collaboration with the Soon Chun Hyang University from South Korea to support their students from the Data Protection area of studies in getting to know and working with the Data Loss Prevention technology. For that, we donated a hardware appliance with full features – Data Loss Prevention and Mobile Device Management. CoSoSys Korea is committed to helping students with training and skills development, offering them free materials as well.
A workshop has already taken place to demo the solution to the students, for them to learn how it works and how to use it. The university is taking a big step in closing the talent gap in cyber security and adapting the InfoSec education to the current cyber threats.
Hopefully, we will soon be able to illustrate more examples like Soon Chun Hyang University, which has successfully introduced Data Protection as a major and is actively having collaborations with organizations, like CoSoSys Korea.
InfoSec regulations in education
Speaking about the lack of cyber security specialists, some of the students majoring in Data Protection could be working in the Education industry. Therefore, they should also know what rules and regulations apply to this sector. Some of the most important ones are:
- Family Educational Rights and Privacy Act (FERPA)
- Gramm-Leach Bliley Act (GLBA)
- Payment Card Industry Data Security Standard (PCI DSS)
- Health Insurance Accountability and Portability Act (HIPAA)
- Health Information Technology for Economic and Clinical Health Act (HITECH)
These address the more and more complicated educational organizations’ infrastructures with data being saved and shared on different workstations, from Windows, Mac OS X, and Linux computers, to smartphones and tablets. The information is very tempting for attackers and highly sensitive for negligent or malicious insiders, with everything from PIIs, intellectual property, Social Security Numbers, medical records, in one place. In 2015, 1.35 million identities were exposed in the education sector, according to EdTech magazine. As any other organization, schools and universities have the legal obligation to protect individuals’ personal information by implementing all the necessary measures like encryption, detailed logs to keep track of data theft or loss, control over the portable storage devices and sensitive data shared on the cloud or on online applications.
Start educating kids about Internet threats
With cybercrime already affecting your kids by the time they enter the school system, what can you do to prepare them for the threats lurking out there?
Today, children start handling technology at very fragile ages, like 3 or 4 years, playing simple games on smartphones or tablets. By the age of 7-8, they are already mastering the art of navigating the Internet, using apps or watching cartoons. For those of you who are parents and give access to Internet-connected smartphones, tablets or computers to your kids, keep in mind that data privacy, security, and solutions like web-filtering should be a priority for the safety of your kids. They do not know anything about viruses, phishing, social engineering, etc. so, depending on your strategy as a parent, you can monitor the devices’ use, or explain the threats to the children as well as some basic security concepts, like strong passwords and trust them they will know how to avoid them (and maybe do some checkups once in a while).
So, we’ve seen that information security in education is as important as education in information security. Education is a highly regulated industry, with many data security rules to comply with and complex infrastructures, especially with students using a diversity of smartphones and tablets. The shortage of cyber security professionals makes things more complicated, so there are required some changes in order to attract more students in cyber security. Starting with the education institutions and even parents, kids should be informed about the threats when navigating the Internet as well as more complicated scenarios for teenagers. Further down the road, any student should consider data security as a possible career path since it is a highly dynamic, interesting and challenging field. There may be a high degree of difficulty, but the payoff is also high. Here are more reasons why cyber security is a great choice of career.
A big step should be taken also by vendors to develop partnerships with universities and colleges to provide the necessary tools for the students and real-life scenarios that correspond with the labor market demands. We’re proud to have such a collaboration with the Soon Chun Hyang from South Korea and we’re looking forward to seeing the students contributing to the Information Security industry.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.