How to get an A+ in cybersecurity now that schools are back in session

Nov. 19, 2020
Online learning presents a new set of challenges to parents and security professionals

The world has changed dramatically since the advent of COVID-19. This change is visible when we see people wearing masks and abiding by the six-foot distancing rule, restaurant signs advertising takeout service, and plexiglass shields at checkout counters. Because fewer folks are out and about and we’re staying further apart, life may seem sleepier than it was in the “before” time. However, what happens behind closed doors these days is often much more chaotic.

Many of us are now working from home. As if that is not difficult enough, a fair share of the new remote workforce is trying to get the job done with their children in the house. The back-to-school season has recently brought an added twist to this dynamic. Now home office work and virtual learning are all taking place under one roof. Of course, the challenges this creates are not solely within the four walls of our homes – online students also make us more vulnerable to hackers.

Months ago, when the pandemic was first breaking across American shores, the immediate concerns, understandably, were related to the economy, healthcare infrastructure and familial health. Our research showed that only 31% of Americans expressed serious concerns about the impact of the pandemic on their children’s education, suggesting that many people may have had a false sense of security while working, shopping and schooling from home.

Students will be spending significantly more time on their computers throughout the fall, increasing the risk of cyber threats such as phishing and Zoom bombing. That poses a serious problem, not only to the child’s schoolwork but to every family member in the household working, shopping and learning through a shared Wi-Fi network. This is amid a landscape in which the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has received reports of approximately 20,000 COVID-19-related cybersecurity threats as of late June of this year. That is greater than the number of threats IC3 collected in 2019.

Whether your family is helping to educate children from home or just continuing to interact, share, shop and work online from your abode, here are some tips to decrease your cyber risk.

  1. Call the nanny. If you and your family members are unable to fully supervise your children while they’re doing schoolwork, you may want to consider investing in nanny software, which provides parents with visibility into and control of their children’s online activities. You can use this software to teach kids which websites are or are not appropriate and secure and to get reports on what your children are doing online.
  2. Keep current. Ensuring the firmware and software that you use is up to date and practicing good password hygiene, also will lower your cyber risk. Protect your Wi-Fi devices and network with patches and by updating them with the latest firmware. You will also want to look at the brand and model of your Wi-Fi gear, and check and address the security risks related to your particular equipment. Also, be sure to change default passwords on your applications and endpoints. When you create new passwords, make them longer than eight characters and include lowercase and uppercase letters, numbers and special characters. Avoid using words or deviations of words as passwords.
  3. Look before you click. Most of us have become so comfortable in the online world, that it is easy to forget that clicking on a link in an email or on a website – even one that looks somewhat familiar – can let bad actors in. If you’re uncertain whether it is safe to click on a link, use your mouse to hover over the link so you can see if will take you to the website you want to visit and/or use an online search engine to verify the URL domain.
  4. Talk about protection. Don’t worry, this may not be as uncomfortable as it sounds. What we’re talking about here is sitting down with your children to let them know that it is safe to talk with you if they’re concerned about something they see on the internet. Don’t be afraid to ask if they’ve come across anything out of the ordinary online. Use this time to help your kids understand the dangers involved with being on the web and to offer them tips on how to safeguard themselves in this environment.
  5. Turn in your work. Avoid expanding your threat surface by keeping your digital work lives separate from your personal lives. If you can dedicate separate devices for school and for play, that is great. If that is not an option, creating two distinct user accounts is a step in the right direction. This will educate your student on the importance of creating separation between their digital work and personal worlds. Also, tell your student not to store personal information on, download software to, or conduct personal web searches using school-provided digital endpoints. Do the same with your work-provided devices.

The back-to-school season is a busy time for everyone. But at this critical juncture in which the combination of work and schooling from home is a new normal for the foreseeable future, and as more things are connected to networks around the world, it’s definitely worth the time and effort to rethink how we approach security and safeguard our data and devices, ourselves and our families.

 About the Author: 

Mathew Newfield joined the Unisys leadership team as the Corporate Chief Information Security Officer in March 2018. He leads the Unisys Corporate Information Security team with responsibility for design, development, and implementation of the company's corporate information security and risk programs across all regions and functions. Mathew has over 19 years of experience in Information Technology with a focus on Security, Software as a Service Operations, Risk Auditing and Management, and international Mergers and Acquisitions. Prior to joining Unisys, he was the Director of Global Managed Security Services for IBM where he had responsibility for delivery services in 133 countries and managed a staff of 1,500 security professionals.

Mathew led the Managed Security Practice that performed Device Management, Threat Intelligence, Managed Security Information and Event Management, Account Governance, Project Management, Deployment Services, New Service Integration Business Operations, Compliance/Governance and Architecture Services. Mathew was also the Business Unit Information Security Officer and Global Process Officer for IBM's Security Services Organization. During his time at IBM, Mathew streamlined operational processes and developed cost reduction methodologies that improved cost control, profitability, and client delivery. Prior to IBM, Mathew held senior security leadership roles at Cybertrust, RSA, and DDC Advocacy.

Mathew is a published author on topics related to security, a speaker on cybersecurity, and has been an instructor at the SANS Institute. In addition, he holds a Bachelor of Science degree in Industrial and Organizational Psychology from George Mason University.