What Teachers and Staff Should Know About Cybersecurity

In a school day when there never seems to be enough time, teachers often overlook their roles in cybersecurity. It can only be expected, as teachers have a lot on their proverbial plates. Engaging students with lesson plans to advance student learning outcomes naturally emerges as a primary focus. 

However, teachers also prioritize safe and secure learning environments for their students, and that plays directly with the ongoing concern of cybersecurity in K-12 school districts. As technology evolves and digital learning becomes more prevalent in primary and secondary schools, cybersecurity is a theme that will continue to be top of mind.  

In addition to effective cybersecurity’s impact on delivering a safe, secure digital learning environment, there are tremendous financial implications to school districts as well. Comparitech, a cybersecurity and online privacy product review website, recently reported global ransomware attacks against K-12 and higher education institutions—breaching over 6.7 million personal records—are estimated to cost over $53 billion in downtime between 2018 and mid-September 2023.  

Effective cybersecurity at K-12 school districts requires a vigilant approach from all stakeholders, including students and their teachers. The post gives a list of critical steps all teachers should take regarding cybersecurity. But before we get there, let’s first start by defining what cybersecurity means to teachers.  

What is cybersecurity for teachers?

According to the Cybersecurity & Infrastructure Security Agency, cybersecurity is defined as “the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information.” 

As cybersecurity is only as strong as the weakest link in the school district network, it requires everyone to work collaboratively to keep systems secure and information safe.  

How does cybersecurity differ from data privacy?

Data privacy is the focus on the control technology users have over their personal data and is just one part of the bigger issue of cybersecurity, which encompasses much more. Whereas data privacy is about personal data, cybersecurity is about the systems that contain such data and the prevention of unauthorized access to that information. 

How teachers can strengthen cybersecurity in the classroom

Cybersecurity concerns everyone in the school district, from administration to teachers, from students to parents. However, as student use of technology is different across the various grades of the K-12 education spectrum, cyber security needs are different from one level to another. There are, however, a few foundational essentials for teachers regardless of grade level, and they are as follows: 

• Passwords. Ensure the passwords you and your students use are complex and include upper and lowercase letters, numerals, and special characters. Require passwords to be changed regularly, at least twice during the school year.  
• System updates. Regularly ensure operating systems and security applications are updated.  
• Personally identifiable information (PII). Defined by IBM, PII is “any information connected to a specific individual that can be used to uncover that individual’s identity, such as their social security number, full name, or email address.” Of particular concern related to school-aged children is location data. Be mindful of where and why PII is being input into various applications and restrict sharing, as necessary. Teach students to never post their PII publicly, and to never use any part of their real names or birthdays as usernames in applications.  
• “Think before you click, scan, and download.” Bad actors use clickable objects to insert malware. Practice safe internet use by never clicking on suspicious links and pop-up ads, scanning shady QR codes, or downloading questionable files. Periodically reinforce the standard with your students.  

Teaching cybersecurity to elementary school students

Elementary school children are using technology more and more in the classroom, and many bring years of tech use experience to school. However, most are not well-versed in effective cybersecurity. Key points of emphasis teachers should take with cybersecurity include the following: 

• Care for devices. The first step of cybersecurity is the physical protection of the device. Lost or stolen devices pose an immediate risk. Teach your students how to take responsible care of all tech devices, including keeping them charged and updated.  
• Digital citizenship. Teach your young students the importance of responsible digital citizenship. Encourage the development of good practices early, including protecting their own privacy, respecting the privacy of others, and following the guidelines for tech use established by both the school and their individual households. Emphasize the need for good digital citizenship on social media platforms. 

Teaching cybersecurity to middle and high school students

Internet use becomes almost ubiquitous as students get older. As such, cybersecurity risks are magnified. When teaching cybersecurity to secondary school students, use the following to build upon the foundational points reviewed above: 

• Multifactor authentication (MFA). Demonstrate to your students the benefits of adding MFA to elevate security of individual accounts.  
• Network security. Explain the basics of network security and teach students the risks of using public Wi-Fi networks and the need to secure their home networks. 
• Data privacy & protection. Discuss data privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with your students, helping them understand both their rights and the importance of legislation to protect their rights. 
• Threat landscape. Educate your students on the common types of cyber threats, including phishing, malware, and social engineering. Explain how bad actors deploy social engineering techniques to manipulate naïve tech users and gain unauthorized access to systems and data. 
• Online gaming. Emphasize the importance of not sharing personal information during online gaming with strangers.  
• Digital footprint. Among other things, the internet is forever. Instruct your students on how their online actions, especially on social media platforms, leave a permanent trail.  

Summary

Digital learning is the status quo for most K-12 students, and the proliferation of connected devices poses a threat to school districts’ systems and the information they contain. Unfortunately, as technology and systems become more robust, bad actors get more sophisticated in their actions.  

Effective cybersecurity in school districts requires the diligence of all network users, and teachers are uniquely positioned to protect the district, their students, and themselves. Use the tips listed above to teach best practices for cybersecurity in the classroom.