SCRTracker – May 18, 2021 – Devising a secure remote learning plan to fortify against cyber risks – BY KRITIKA M NARULA

The pandemic has drastically changed the way education is being delivered worldwide. For a large part of the last year, through various lockdowns, we have inhabited a world where being safe equates with being socially distant, quarantined, and connected only virtually.

In the process, we have embraced newer models of education dissemination, battled major safeguarding risks, and accounted for the psychological as well as the overall long-term impact of the pandemic on children.

The bottom line is that this transition to either a hybrid or a remote learning model has come with a fair share of challenges. As a result, the school authorities have to stay vigilant, constantly.

As we enter the next phase, we want to be ready for, and ahead of, any challenges that might arise. When we first made the transition, it was done in haste, so we worked with imperfect systems, where a plethora of safeguarding concerns raised alarm.

Now, all school authorities and other education stakeholders wish to implement a system that is well-thought-out and tested for any safeguarding loopholes. In tandem with this goal, the Department of Education (DfE) has mandated the implementation of a secure remote learning plan by September this year.

“Cybersecurity awareness needs to be part of any remote learning plan. This needs to start with teachers and administrators. There is usually a huge tradeoff between security and functionality. Unfortunately, with the rush to implement this, security may have been an afterthought”– Steve Tcherchian

This plan would take into account challenges faced in educational settings related to cybersecurity best practices, equity and access, and psychological concerns. This brings the issue of cyber safety to the centre stage. As EdTech is developing exponentially, it is more important than ever to liaise with National Cyber Security Centre (NCSC) and develop a foolproof structure where

a) cyber attacks can be prevented and

b) mitigation directives are in place if such attacks occur despite these guardrails present.

New Learning Models, New Cybersecurity Challenges

In order to fully appreciate the need for a remote learning plan and implement a safeguarding infrastructure around it, it is important to understand the challenges posed by the remote model in nuanced depth.

The NSCS has issued warnings as well advisories in regards to the increased ransomware attacks in the education sector. In a fairly recent ransomware attack, 37000 children were unable to access their email. Since we moved to the remote mode of learning and working, hacking incidents have been on the rise: the Cyber Security Breaches Survey 2020 found a total of 54% identified breaches or attacks at least once a week for secondary schools.

In addition to the traditional forms of cyber attacks, we also witnessed novel security breaches in the form of “zoom bombing” whereby an uninvited user accesses a private video call. In an educational setting, zoom bombing has posed several threats:

  1. Invasion of privacy of everyone in the video chatroom/call,
  2. Distraction from or disruption in the lessons, and
  3. Exposure to inappropriate materials or sights.

Phishing — the fraudulent practice of masquerading as a person/company of repute in order to acquire sensitive information — was rampant too.

To read the full article, please visit SCRTracker.