The Internet is everywhere in the modern world — used in personal and professional settings — and we’re surrounded by technology all day every day. But it’s not only adults.
Kids are learning to operate smart devices and access the web earlier and earlier, both at home and in the classroom. Whether it’s implementing eLearning or harnessing the cloud, more school districts than ever are also embracing digital transformation as a way to enhance student learning opportunities.
But with the ubiquity of the Internet comes the prevalence of security concerns and cyberthreats. In recent years, cybercriminals have been teaming up in search of skilled hackers and advanced tools to further evolve their craft. They’re building their own ecosystems and supply chains to be more effective. And the reality is that cybersecurity in K-12 districts is often under-resourced, making schools prime targets for cybercriminals.
We sat down with Rob Rashotte, Vice President of Global Training and Technical Field Enablement at Fortinet to discuss how K-12 educators and districts, as well as the general public, can strengthen their security. From implementing the right technologies to educating employees on smart cyber hygiene practices, making a handful of key changes can go a long way in protecting against cybercrime.
First of all, we know that Canadian schools are at risk of cyberattacks or breaches, but how much of a concern is it?
RR: Unfortunately, it’s a significant concern. Educational institutions of all sizes are a prime target for cybercriminals as they seek sensitive and personal information that could be sold on the dark web. In fact, research from Fortinet’s 2023 Security Awareness and Training Global Research brief shows that 81% of surveyed institutions experienced one or more malware, phishing, and password attacks last year.
What are some of the benefits of training and upskilling K-12 educators in cybersecurity?
RR: With schools being frequently targeted by cyberattacks, it is imperative that the frontline of defence — which includes staff and faculty — have a fundamental understanding of cyber threats, allowing them to better safeguard the data of schools, staff, and students. Training educational staff to recognize and report on potential security threats will not only reduce costs, stop breaches, and protect data, but it will help to create a cyber-informed culture that extends to the student body and helps them to form smart security habits when using email, social media, chat, messaging, and more.
That’s why Fortinet recently announced our new Security Awareness and Training service customized for K-12 educators.
Tell me about this new training service.
RR: To help combat cyberattacks on Canadian schools, we’ve launched an education-focused version of our Security Awareness and Training service available at no cost to K-12 school boards and private schools across Canada in both English and French. The SaaS (Software as a Service)-based service offers timely awareness training on today’s cybersecurity threats in order to help education staff recognize, and avoid falling victim to, cyberattacks.
The content is fully customizable, allowing the school boards and private schools to set campaigns and select which of the 20 modules to deploy to education staff at intervals they choose. Available modules include Bad Actors for Educators, Mobile Security for Educators, Social Engineering for Educators, Social Media for Educators, and more.
Fortinet’s commitment to cybersecurity training doesn’t just end with educators though, does it? Can you tell me a little bit about how the company is working to expand cybersecurity awareness?
RR: No it does not! Security breaches are rising across all industries, with cybercriminals levelling up their playbooks and increasing the volume of attacks. As if trying to stay ahead of adversaries weren’t enough, security leaders are also working to manage another risk: a talent shortage. This cybersecurity skills gap is why Fortinet is on a mission to train 1 million people in cybersecurity by 2026. We’re actively committed to expand cybersecurity awareness to as many as possible to make a significant difference in addressing this gap.
We are advancing this pledge through initiatives like the Fortinet Training Institute, which offers a variety of certification programs for learners of all skills levels, as well as the Fortinet Academic Partner Program, which works with more than 600 colleges and universities globally to integrate Fortinet’s NSE training and certification courses into the existing curriculum.
What are some easy ways the general public can ensure they’re protecting themselves and their data from bad actors?
RR: There are a few simple things everyone can do to protect themselves and their data.
First, ensure you’re using a secure connection — this protects your data from being accessed by unauthorized sources, helping to keep your information safe. Choosing strong passwords is also crucial. Your password should be easy to recall but difficult for others to guess, and it should never include personally identifiable information. Multi-factor authentication (MFA) offers an extra layer of protection by adding another step to the sign-on process in order to confirm your identity. With MFA, even if your password is compromised, bad actors won’t be able to access the sensitive information they were after.
It’s also a good idea to regularly update your software, tools, and systems, as well as review your privacy settings. Finally, with phishing one of the most pervasive methods of cyberattack, it’s important to be able to identify and avoid clicking on suspicious links which can contain malware or other malicious content.
What is the number one thing for educators, employees, consumers, etc. to remember when it comes to cybersecurity?
RR: Ultimately, everyone has a part to play in protecting against cyberattacks. Cybersecurity is not solely the responsibility of technology and security professionals — it depends on every person, employee, and student. The escalation of attacks, both in volume and sophistication, makes it imperative that everyone has an eye on security not only at the workplace, but at home too.