Teaching children information security skills

In this interview, Julie Peeler, the Director of the (ISC)2 Foundation, discusses the biggest online threats to kids and provides tips on how to teach children to stay safe online. Peeler also introduces the work of the (ISC)2 Foundation and shows how you can get involved, spread the positive message and teach Internet safety to kids.

What do you see as the most significant threat to young net users today?
The biggest threat to young Internet users is a lack of education. From the time that children are born, they’re taught how to access the world through technology – how to manipulate technology to finish their school work, how to use technology for social development. They’re online constantly but are not taught anything about online security. You witness these children doing all kinds of actions that lack traditional good sense. As an adult, you can apply common sense to scenarios that you’re faced with online but children, however, simply don’t have any of the background information needed to understand where and why they are vulnerable.

Kids tend to be more tech savvy than their parents and adopt new methods of social networking quickly. What should parents do in order to stay on top of the fast paced IT landscape?
As a parent, it’s up to you to keep a very close eye on your child’s online behavior and online consumption. A lot of times parents will say to us: “aren’t there privacy issues with monitoring what my child is doing?” My response has always been, it’s your house, your technology, your Internet access, your electricity; therefore, you should be overseeing what’s happening on all of these online devices your child has access to.

The need to secure someone under the age of consent who you are tasked with raising to adulthood is greater than that child’s very short term need for privacy. When your child goes out to go play with his or her friends, you ask them a series of questions primarily so you have a wealth of information should you need to find them quickly. The same technique that you use to secure them in the “real world” should apply to the cyber world, as well.

It’s important to note that there are just as many, if not more, threats in the cyber world as there are in the real world. Parents have to think about what devices their children have access to and for how long they are on these devices. The longer they’re logged in to these differing online channels without the proper knowledge of how to protect themselves, the more vulnerable it leaves them to becoming the targets of identity theft, a child predator and cyber bullying.

Based on your experience, what are the most effective ways to teach children how to stay secure online?
Using good analogies and examples are the best and most effective way to teach children how to stay secure. With kids, it’s not about telling them what they should and need to be doing, it’s about why. Children need to seriously understand the consequences of their online actions and not just understand them in a vague way. They need to know that they’re just as susceptible to targeted online attacks as those who are profiled in the media. We unfortunately have so many examples of this in the news media. The more real-world examples you can utilize in an education program, the more children will understand the exact repercussions of their behavior online.

Every child will be saying in their head: “that will never happen, let alone happen to me.” To be able to stand in front of them and give them an array of examples is extremely impactful. Real world examples scare children, and scare tactics work sometimes too.

In addition to providing them with examples, involving them in their own learning has shown to be an effective way to teach children, as well. Asking them questions like: “how would you feel if this happened to you,” “why do you think this happened,” or “how could this situation have been avoided,” is a great way to get them to think and apply these scenarios to their own life.

Kids don’t always listen to their teachers, and they don’t always listen to their parents, either. Through the (ISC)2 Safe and Secure Online Program, we’re able to bring in an objective third party who is highly trained in online security and safety, to kids in classrooms all over the world. They provide credibility and knowledge about online safety that kids can really learn from. To date, the program has helped educate over 100,000 children globally on how to become, and remain, secure online.

The (ISC)2 Foundation connects highly skilled IT pros with students, teachers and the general public so that they can learn how to secure their online life. What is your mission? What type of global progress are you seeing?
Our mission is to empower people to secure their online life through awareness and education programs. When I started two years ago, there were 200 volunteers in the Safe and Secure Online program. Now we have over 1000 volunteers. We were in four countries initially, and now we are in seven. In addition to the classroom program, our volunteers are working on developing useful online resources that will be available next year and we are expanding our program to include senior citizens as well, since they are also highly vulnerable.

Additionally, since the inception of the program, we’ve seen quite an upswing of children interested in pursuing careers in the IT profession which is extremely important in developing a strong security workforce of the future.

I’m sure many would like to spread the positive message and teach Internet safety to kids. How can they get involved? What are the prerequisites?
In order to get involved in Safe and Secure Online, you have to first be a member of (ISC)2 and then register on the (ISC)2 Safe and Secure Online web page. Once you’ve registered as a volunteer, you’ll be enrolled in a training program and may be subject to a background check, depending on the rules of your home country. But if you’re not a member of (ISC)2 we encourage you to go to the web site and request a presentation for your child’s school, sports club, scouting group, etc., or to tell a teacher about the program.