Security and safety are primary needs for all people. The requirements for both have changed in the digital age and need everyone’s attention now more than ever. Beginning to secure a digital future starts with becoming aware that security is a part of life 24 hours a day, 7 days a week. This is critical at a high level because every single person who utilizes technology is a component in building community resilience in the face of cyberrisk. Some easy ways for individuals to improve everyday security include creating longer, stronger passwords for accounts, implementing 2-factor authentication, knowing how to identify malicious emails, and extending one’s sense of security further than the boundary of one’s home and into the world at large. In today’s digital age, everyone must understand that security must be maintained on all digital devices at all times and know the risk scenarios and benefits that come with using technology.
Since cybersecurity is an ever-changing industry where new threat vectors are discovered and exploited every day, one of the most important ways to protect oneself in today’s threat landscape is by reading news from unbiased security sources such as InformationWeek Dark Reading and CIO to become and remain informed about the latest hacks and attacks. An educated and informed public can become a more security vigilant population. At the same time, reading security news raises awareness of just how many hacks and attacks affect organizations and consumers every day, and how many attacks are actually caused on the user end by the human risk element.
One way that cybersecurity is changing is with the exponential increase in the use of technology across generations. Looking ahead to the future, new cybersecurity challenges will arise from the increase of data mining and the abuse of social media platforms. For instance, the sharing of personal information across platforms allows for the development of both highly targeted and highly sophisticated social engineering attacks that could aim at high-ranking officials and high-stakes, multinational organizations. Attackers will also likely continue to try to influence public opinion by abusing social media networks. Additionally, 1 key fact to bear in mind is that children are also not immune to these attacks. Data indicates that only 15% of K-12 US schools have implemented cybersecurity plans as of 2018, and many of these systems hold terabytes of personal student data.
In addition to change, humans adapt to current needs and evolve, and technology will be built around those needs. One of the most insightful analogies that speaks to this is that humans did not stop hunting because people were no longer hungry, they learned to harvest. In the same vein, 20 years ago, cybersecurity was not a part of the conversation because attacks were not as prevalent and sophisticated as they are today. When speaking with security professionals, they will say that 20 years ago, people were willing to leave their doors open before going to bed and did not think twice about buying a talking stuffed animal for their children. Now, security, particularly cybersecurity, must be embedded into the way people think about these same situations. If younger generations are taught end-user security so that they are fluent in the conversation from their very first interactions with digital devices, it will become natural for them to value cybersecurity when designing, engineering, building and marketing next-generation technology.
For instance, computers and artificial intelligence (AI) will help identify and detect risk in the future, but even as technologies improve, there will need to be a focus on making the behavioral and cultural changes necessary to build a human firewall for prevention.
To improve cybersecurity for all organizations today, however, a chorus of louder voices championing security, bigger organizational focus and budgeting in cybersecurity, and more security subject matter experts (SMEs) working across industries to improve the framing of the security conversation are needed. However, the sustainability of supplying more security SMEs is highly dependent on the workforce development initiatives undertaken today. It is critical that organizations and people think about the cybersecurity skills gap—3.5 million jobs by 2021—and begin finding creative, inclusive and proactive ways to fill this gap. This can start with creating engaging classroom conversations.
What is really exciting to see is that educators today are taking those proactive steps. Educators are currently demonstrating the most interest in utilizing the open-source curriculum provided by Bits N’ Bytes Cybersecurity Education (BNBCE). BNBCE has received more than 200 requests to use the curriculum from educators in New Zealand, the Philippines, Saudi Arabia, Singapore, and more countries. There is a huge desire on the parts of parents and educators to disseminate this information as they discover opportunities to do so. While this is encouraging, today’s teenage population can be hard to reach so BNBCE is working on capturing the attention of teenagers in the most effective ways possible, on the platforms where they are most present and comfortable. BNBCE is finding and crafting the best ways to leverage school curriculum and social media campaigns to make cybersecurity relevant and interesting to future leaders. BNBCE is developing ways to make cybersecurity spark lunch table conversations, make cyber a part of science, technology, engineering and math (STEM) education, and make privacy a part of civics in the classroom.
BNBCE aims to steer the course of human progress by empowering the safe and secure use of technology for innovation. I imagine a world with educated citizens in developing nations that are able to use cybersecurity as a gateway to vigilance and independence. BNBCE also works directly with practitioners to bring cybersecurity curriculum in front of school boards to ensure that the schools with which BNBCE has partnered and to which curriculum has been delivered are teaching cybersecurity in tandem with STEM classes. BNBCE wants to see media representation of women in cybersecurity, normalize the idea of including both young people and women in boardrooms, and ensure that secure behavior is second nature for all people. By committing to this vision, BNBCE hopes to see financial loss averted, citizens both safer and more secure, and communities built on a foundation of peace.
Kyla Guru is a 17-year-old senior at Deerfield High School in Deerfield, Illinois, USA. In the summer of 2016, before she entered high school, Guru discovered a curiosity around cybersecurity and became fascinated with successfully protecting the technologies of the future. After learning that 90% of cyberattacks on US national infrastructure targets were due to human error, Guru founded Bits N’ Bytes Cybersecurity Education (BNBCE), a nonprofit organization to combat this vulnerability. Three years later, BNBCE now sustains over 20 national partnerships with US school districts, corporations, including Facebook and IBM, and educational platforms such as Discovery Education, all in an effort to increase awareness and fluency in privacy and cybersecurity. Guru has presented at TEDxChicago, the US National Institute for Standards and Technology’s (NIST’s) National Initiative for Cybersecurity Education (NICE) K12 Conference, the RSA Conference 2019 and the RSA Conference-Asia Pacific conference in Singapore, advocating for both cybersecurity education and the critical mobilization of Gen Z youth. Guru is a firm believer in the power of young people which led to her roles as cofounder and codirector of GirlCon Chicago. This premiere high school tech conference takes place in Chicago, Illinois, USA, each year and unites more than 300 industry professionals and students to discuss bridging the gender gap in tech. Follow Kyla’s journey on Twitter @GuruDetective, and keep up with GirlCon on Instagram @girlconchicago.
This article was originally published on Paving the Future of Cybersecurity Education page of the SheLeadsTech website.
The ISACA SheLeadsTech program and the SheLeadsTech newsletter shed light on the waves women are making in the tech industry today. By subscribing to the monthly newsletter, you will receive the latest event updates, webinar content, podcast content and insight into what women leaders, like Guru, are uncovering in the tech industry. To subscribe to the newsletter, visit the SheLeadsTech website.