Whenever I have the opportunity to speak with county officials, I always acknowledge that resources are limited, and they are required to respond to many urgent requirements. Floods, tornados, snowstorms, windstorms, etc.
One thing I do point out is that cyber security is preventative. It is an investment to ensure you do not have to deal with an exponential cost later once you have been hit with a cyber attack. So budgeting for a small monthly amount is much better than the open-ended expense of a ransom, clean-up, recovery, replacement, downtime, etc. (This doesn’t touch the issues that come with the loss of data and loss of trust.)
Let’s take a look westward at our friends in North Dakota. They are taking the lead in cyber security in a way that will benefit the entire state for years to come!
Governor Doug Burgum recently signed House Bill 1398, which requires teaching computer science and cyber security for grades K-12. With this law, North Dakota has become the first state in the country to require cyber security education in its schools.
Why is this important?
First, it can help to minimize school cyber attacks. Many cyber attacks happen due to sloppy cyber hygiene practices by students, teachers, or staff. If schools require students to learn about cyber security, the faculty, and staff will also learn. This will tighten up security by default.
Next, children who grow up with good cyber security practices will take those skills into the workforce. Not only will this be beneficial for any job they end up taking and in their personal lives, but it may encourage them to go into the field of cyber security, which is an area of expertise in high demand.
Students in rural areas may have more opportunities in cyber security that allow working remotely, improving the local community. Our children won’t have to leave the state to find work.
Once these students join the workforce, they will share these good practices with co-workers. This may sound familiar – cyber security is everyone’s responsibility. Your entire team will know good cyber security measures and be watchful for suspicious things.
Recent studies show that over 90% of successful cyber attacks start with a phishing email. If your staff are cyber smart, they are less likely to click on a phishing email.
Additionally, over 80% of data breaches result from poor passwords. Imagine if you didn’t have to explain to your staff the importance of using passphrases, not reusing passwords, not writing down passwords, etc. If they had known the importance since kindergarten, it would be second nature.
When children are taught a second language from birth, they are multi-lingual as adults. It is much different when you start trying to learn a second language as an adult. If we look at cyber security similarly, it just makes sense.
Have you ever gotten a new cell phone and had to ask your grandchild to show you how to use it? They are growing up with technology and know how to use it.
We will all be much safer if they grow up with cyber security.
Will Kentucky once again be last on the list? When will we, as a state, decide to jump on the cyber security bandwagon? As recently as this past winter, I heard from a school superintendent that they were reluctant to implement multi-factor authentication for their faculty and staff because their teachers didn’t want it. First, somebody give that superintendent a backbone. Second, they already use MFA when they take their ATM card to the bank and have to enter a PIN to withdraw cash. Just do it already!
By not requiring your faculty and staff to use MFA, you cannot renew your cyber insurance. And, worse, you are doing wrong by your students if you cannot even require the basic cyber security practice for your teachers, who are the ones we entrust to guide our youth.
What’s the answer? I believe we must start at the top, just as North Dakota is. If the school superintendents don’t require cyber security practices, let alone cyber security education; then it must come from the state department of education, the legislature, or the governor.
Education and economic development go hand in hand. Educating our children on cyber security can impact their future, our future, our security, our economy, and our communities.