Anyone who has a slight interest in information technology has probably heard about at least one cybersecurity incident. Either it was about sensitive data leakage, viral Trojan virus, or another cybercrime. However, not everyone knows that the 93 percent of cybersecurity incidents are caused by human error. Whether it is clicking on suspicious links or downloading an app of unknown source, the main reason is the victims lack of basic cybersecurity knowledge.
But when should we start teaching cybersecurity? The most common practice in Latvia and many other countries is university. This, according to many specialists in cybersecurity field, is not early enough. However, it is difficult to adjust the cybersecurity study material to different ages and needs. The way of improving people's cybersecurity knowledge and performance was discussed in projects Advances: Advancing human performance in cybersecurity conference “Stronger Together Collaboration in Building Cyber Resilience” which was held on December 7th in Vilnius University last year. In this project the researchers from different universities including Riga Technical University and from different perspectives: IT, psychology, and education created a cybersecurity competences model to guide educators in cybersecurity education design.
Head of Business Enablement in Nord Security Ramūnas Markauskas said that the younger person is, the easier it is to learn and by teaching cybersecurity early we can create smarter future society. Tallin University researcher and data protection officer (DPO) Anu Baum presented Estonian cybersecurity education curriculum and emphasized that we should teach cybersecurity from an early age and adapt the learning material to the age of the pupil. Whereas Lithuania is trying to teach cybersecurity in kindergarten by Information Security Officer (ISO) Aušra Dilijonaitė where she engages kids to learn by playing with them.
Now we know that we should start teaching cybersecurity early, but how to make it interesting? In Estonia they created cybersecurity challenges for pupils of every age. Similarly, Riga Technical University researchers Dr.sc.ing. Rūta Pirta-Dreimane and Mg.sc.ing. Evita Roponena introduced a cybersecurity competition for bachelor-level students called “Cyber Escape” last year's spring which was the part of project ADVANCES. Where students, working in groups, took on the role of a computer security incident response team (CSIRT) and tried to get through the first steps of the incident management cycle: incident identification and reporting, and tried to improve the communication skills of their team. The game was presented in Escape Room format to engage interest in cybersecurity which according to participants was fun concept that increased their interest in this topic.
In conclusion, each of us is responsible for our own education. However, we are also responsible for teaching our children and our elders how to protect themselves in cyberspace. This would not only make cybersecurity feel less frightening and easier, but also decrease the overall number of cybercrimes.
