On the Front Lines: Your Guide to the Cybersecurity Workforce, Part III

By | June 4th, 2015|Uncategorized|

We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

It may be surprising to learn that, despite their status as some of the most sought-after professionals in the tech sector, cybersecurity experts tend to remain employed at the same organizations for relatively long periods of time. The Semper Secure survey reports that 65 percent of cybersecurity professionals said they have worked at two or fewer organizations throughout their career. Industry insiders agree: Lee Vorthman, CTO of NetApp’s Federal Civilian Agencies unit says that, “These people aren’t jumping from job to job looking for salary bumps and signing bonuses. Many of them want to work for federal agencies and most of them tend to stick with employers for the long term. For companies, that means they better get them early or risk not getting them at all.”

This means that many of those interested in cybersecurity careers are passionate about technology itself, rather than the high salaries and growth potential they can expect upon graduation. As Jum Duffey, secretary of technology at the office of the governor of Virginia, puts it, “For top talent, cybersecurity isn’t about just a job and a paycheck. It is about the hottest technology, deployed by honorable organizations, for a purpose that in inherently important.”

What Makes a Paycheck?
Professionals in cybersecurity earn well above the national average for U.S. workers. In a recent survey by the SANS institute, 49 percent of responders said they earned $100,000 or more per year— mostly for management roles. The largest single group of responders (23 percent) selected the $80,000 to $99,999 range. This group was comprised mostly of engineers and administrators. There was a considerable between the overall average for management ($121,376) and that of non-management categories ($95,149).

Understandably, cybersecurity salaries are higher based on experience. The average professional starts out at around $74,000 per year, while those with 20 years of experience earn more than $123,000 per year. That difference across 20 years amounts to raises of about $2,500 for each year of experience gained. For both managers and non-managers, progressive salary increases can be expected, but management income remains over 20 percent higher than non-management income regardless of experience.

Education is an important factor in determining salary levels. The same SANS report states that those holding bachelor’s degrees and 7 to 10 years of experience earn average incomes of over $100,000. Those with more advanced degrees “achieve this level of pay sooner.” The opposite is also true, with associate-level respondents earning $64,302 and bachelor’s degree holders earning $71,564.

When education and experience are combined, salary is affected further. Those who have been in the industry for over 10 years and hold advanced degrees have a significantly higher salary than their less educated, less experienced peers. As cybercrime threats continue to become more widespread and security becomes more vital, “the need for advanced degrees is predicted to continue to be in high demand,” according to SANS.

While formal education remains a central factor in the employability of cybersecurity professionals, certifications are another leading contribution to successful careers. The SANS survey reports that, in 2008, a majority of hiring managers “felt that certifications were an important (or key) requirement for hiring. And demand for certified experts is only growing, as more and more organizations require specialized skills in incident handling and response, audit and compliance, and firewall/IDS/IPS/SIEM. Currently employed cybersecurity professionals agree with this assessment: 85 percent of survey respondents said that they hold a professional certification such as the Certified Information Systems Professional (CISSP).

Want more information about careers in cybersecurity? Read more at Russell Sage Online.

On the Front Lines: Your Guide to the Cybersecurity Workforce, Part II

By | June 3rd, 2015|Uncategorized|

We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

The work environment for cybersecurity professionals is largely dependent on whether an organization is experiencing a security attack. During these times of crisis, workload priorities shift dramatically from a “steady-state operating environment” to a surge capacity. To adjust, cybersecurity professionals need the knowledge and skills to quickly respond to threats as soon as they arise. The ability to quickly and effectively counter security threats is vital, as the stakes are dangerously high. However, during maintenance periods in which no threats are imminent, these individuals must maintain high performance. This means that there is no such thing as an ‘average work day’ for cybersecurity professionals. They must be prepared with a wide range of technical abilities to perform a wide variety of activities while remaining collaborative.

Though it is often considered a subset of information technology, the Institute of Electrical and Electronics Engineers (IEEE) reports that daily cybersecurity work goes beyond the scope of IT. It includes “the analysis of policy, trends and intelligence to better understand how an adversary may think or act — using problem solving skills often compared to those of a detective.” Because of this, the IEEE recommends that prospective cybersecurity professionals be “those who can see themselves in fast-paced environments” with unpredictable working hours. However, one of the advantages of the field is that it is constantly evolving. Professionals in the developing cybersecurity workforce come from different educational backgrounds and are prepared for varying career paths such as those mentioned above.

Salary Information
In general, the salaries for cybersecurity careers are high. The Wall Street Journal reports that the salary for engineers, analysts, architects and other types of trained cybersecurity professionals averaged $101,000 based on advertised information. The same article states that this is “well above” the expected salary for IT professionals, which according to the Bureau of Labor Statistics is $86,000.

Though these broad numbers are certainly encouraging, salary data for specific cybersecurity careers is even more impressive. It is important to note that these salaries are estimated and can vary based on experience and specific skill area.

  • Data security analysts earn anywhere from $89,000 to $121,500 according to Robert Half Technology, a national provider of IT professionals. Modis, a global provider of IT staffing services, reports that analysts at entry-level earn an average of $70,500, while those in supervisory and management roles earn from $93,300 to $110,100.
  • Security administrators have a wider range of earning potential, from $49,400 to $114,500 per year according to Modis. Robert Half categorizes security administrators into two groups: systems security and network security. By their estimate, a systems security administrator can earn $85,250 to $117,750 per year, while network security administrators earn from $85,000 to $116,750 annually.
  • Information systems security managers earn from $103,500 to $143,500 per year according to Robert Half, while Modis projects annual earnings to be from $78,300 to $142,000. These numbers include base pay and incentives.
  • Systems/application security analysts can expect to earn $85,800 per year for base salary, according to Modis. With incentives, this number rises to $89,200.
  • Network security engineers earn anywhere from $89,500 to $116,750 annually according to Robert Half.

Want more information about careers in cybersecurity? Read more at Russell Sage Online.

On the Front Lines: Your Guide to the Cybersecurity Workforce, Part I

By | June 2nd, 2015|Uncategorized|

We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

It’s no secret that cybercrime is a serious global issue. More than 1.5 million people a day are victims of cybercrime and the global cost has reached $100 billion. Facing data like this, the federal government has recently ranked cybercrime as a top security threat. In fact, the U.S. Director of National Intelligence pointed to cybercrime as a top security threat, “higher than that of terrorism, espionage and weapons of mass destruction.”

President Barack Obama also noted that “developing effective cybersecurity measures and capabilities is one of the most serious economic and national security challenges we face as a nation.” Recent security breaches affecting Target, Home Depot, JP Morgan Chase and Sony Entertainment brought cybercrime into the mainstream media, but these attacks are nothing new. One recent report identifies inferior skill levels as a contributing factor to this issue, pointing out that “the cybersecurity programs of U.S. organizations do not yet rival the persistence, tactical skills and technological prowess of their potential cyber adversaries.” For these reasons, trained cybersecurity professionals are more in demand than ever before.

Why Cybersecurity?
Qualified cybersecurity professionals are the main defense against cybercrimes, protecting networks and creating secure environments for organizations of all types. As experts, they use highly technical tools and skills to audit systems. These specialized competencies are the reason that businesses hire cybersecurity professionals: they monitor networks for attack traffic and deploy countermeasures to protect sites of all kinds. And, organizations are taking the development of security seriously. In fact, the global cybersecurity market is expected to grow to $120.1 billion by the year 2017.

The demand for cybersecurity professionals is growing at 3.5 times the rate of overall IT jobs and 12 times faster than the job market overall. This growth is a continuation of an ongoing trend; the demand for cybersecurity experts grew 73 percent between 2007 and 2012. Especially in fields like health care, education and public administration, this growth will no doubt continue in the coming years.

The Cybersecurity Workforce
The National Initiative for Cybersecurity Education (NICE) recently partnered with the Federal Chief Information Officer’s Council to develop a workplace assessment for the cybersecurity workforce. A total of 22,956 participants from more than 50 federal departments and agencies completed this assessment, which collected demographic information, pay grade, age range, experience, education and certifications. One important finding of this report is that the majority of participants (78.5 percent) are above the age of 40, while participants aged 30 or younger account for just over five percent.

This disparity in age demonstrates part of why there is such a demand for cybersecurity professionals in today’s workplace — many of the current trained, experienced professionals are approaching retirement age. In addition, participants indicated a strong need for trained specialists in information assurance (IA) compliance, vulnerability assessment and management, and knowledge management. All of these skill areas are part of the modern cybersecurity curriculum for most degree programs.

Want more information about careers in cybersecurity? Read more at Russell Sage Online.

Proving Your Identity At The Doctor’s Office: An Imperfect System

By | October 29th, 2014|Uncategorized|

Financial InstitutionThis guest blog post comes from Dr. Suzanne Barber, Director of the Center for Identity at The University of Texas at Austin. You can learn more about medical identity theft in our recent webinar on the topic, or check out our corresponding whitepaper and infographic.

When you’re sitting in the waiting room at the doctor’s office, you often have a lot of worries—your diagnosis, the long wait, or simply trying to avoid catching a cold from the patient next to you. One concern that doesn’t often cross our minds is whether or not a thief is sitting in another doctor’s office halfway around the world, pretending to be you.

By 2015, as part of the Affordable Care Act, most medical providers will need to meet implementation requirements for electronic medical records. This means that most doctors’ offices and hospital systems will need to give up their old paper charts for electronic charts. Known as electronic health records (EHR) or electronic medical records (EMR), they include not only the digitized records themselves, but also the methods used to exchange information and patient data between different providers, labs, hospitals and pharmacies

While the possibilities are great for increased coordination and accountability within the healthcare field, the move to EMR does leave sensitive medical information at a higher risk for identity theft and data breaches. This could mean more criminals using your health insurance for themselves or worse, using sensitive health information about you to inflict other types of damage. As consumers and patients, we need to keep a few basic questions in mind as the healthcare industry undergoes this change.

The first question we should ask is “What information is being collected about me?” While many of us blindly fill out forms—at the doctor’s office or the PTA sign up table—information about us is actually quite valuable. We have the right to ask questions about why or who will use that information, particularly when it is about sensitive topics like our health. Public health officials, researchers and insurance companies all have an interest in gaining new insights into health trends and effective treatments. But information that we choose to share in a doctor’s office should directly benefit us as patients. It’s okay to ask whether a question or a blank in a form is needed to provide you with better care or whether it is only helping an insurance company determine their costs and reimbursements. The decision of how much to share is always ultimately the patient’s to make.

As health information moves from paper to digital storage, it can be more easily hacked. As patients, we should understand where our information is stored and where it is sent. The burden of data storage for EMR is on medical practitioners, many of which are small business owners. Are they prepared? Do they have the infrastructure, security measures and properly trained staff to manage the data? We can—and should—hold them accountable for how well they protect our EMR. Our medical providers must protect our information as well as our health.

Finally, as patients and consumers of healthcare in the United States, we should determine whether the system we have is the one that serves us best. Currently, patients have little or no control over their own health records. Charts, data, test results, prescription requests, immunizations and confidential doctors’ notes live in myriad places—online and offline, in our own country and in data centers beyond our borders. Is there a future where patients themselves could store and secure their own data? That day may not be far off, as consumers grow increasingly frustrated with security lapses and data breaches. According to the U.S. Department of Health and Human Services, in just the past two years, more than 8 million people have been affected by the breach of unsecured health information.

As we as a society begin to better understand the value associated with our personal information, consumers may begin to demand more transparency about how their sensitive information is managed and secured. When this information is some of our most basic health data, patients may make buying decisions based on how their personal information is protected. Whether it is the insurance company, hospital, pharmacy or doctor’s office, as records go digital and record sharing happens at the click of a button, patients have more to consider than just the care they receive.

Celebrate National Cyber Security Awareness Month by Protecting Your Health Information

By | October 8th, 2014|Uncategorized|

NCSAMThis guest blog post is a part of our cyberSAFE blog series focusing on medical identity theft and health IT topics. It comes to us from Kara Wright, the Digital Media Coordinator for the National Cyber Security Alliance. She assists the operation and development of the STOP. THINK. CONNECT. and National Cyber Security Awareness Month campaigns and works with other NCSA staff to increase the campaigns’ footprint and reach and social and digital properties.

October marks the 11th annual National Cyber Security Awareness Month (NCSAM), which aims to ensure that every American has the resources needed to stay safer and more secure online. Healthcare organizations are constantly advancing in technology, and because they handle sensitive patient information it is especially important for health organizations to have strong cyber security practices. This NCSAM is a good time to remember the importance of and the relationship between cyber security, online safety and health IT.

Cyber criminals become more sophisticated every day, as evidenced by the growing numbers of data breaches affecting major companies, and it is important for all individuals and organizations to look at ways they can protect themselves and their information.

One area of cybercrime that impacts healthcare providers and patients in particular is medical identity theft, which occurs when a thief uses someone’s name or health insurance numbers to see a doctor, get prescription drugs, file claims with his or her insurance provider or get other care. This type of identity theft could impact a victim’s treatment, insurance and payment records and credit report. The Federal Trade Commission website has information on how to detect identity theft, correct mistakes in your medical records, protect your medical information and check for other ID theft problems.

If you believe you have been the victim of identity theft or if you want to learn how to protect your identity and personal data, you can visit the Identity Theft Resource Center for tips, resources and toll-free assistance. Additionally, NCSA’s ID Theft and Fraud page lists a number of great resources for reporting cybercrime and accessing victim resources.

Follow these tips to help protect your personal information:

  • Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you to verify who you are before you conduct business on their sites.
  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals.
  • Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer.
  • Own your online presence: Set the privacy and security settings on websites to your comfort level for information sharing when they are available. It’s OK to limit who you share information with.

For additional tips, resources and other ways to help secure your data, visit the STOP.THINK.CONNECT. website.

Have a great NCSAM 2014! For more information about the month and how you can get involved, visit StaySafeOnline.org.

Content Theft and Identity Theft Go Hand in Hand

By | September 9th, 2014|Uncategorized|

online_gamingThis guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Tom Galvin, Executive Director of Digital Citizens Alliance. Tom is based in Washington, DC and has been active in Internet security and safety issues for over a decade. He is focused on bringing a voice to consumers, including those who have been victimized online. By putting a face on the victims of online crime, Digital Citizens will serve our fellow citizens and issue a wake-up call to policymakers and Internet companies that they must do more to protect us.

Children today are engaging with a vast amount of digital content. The average child spends around 7.5 hours a day consuming some form of media—a lot of it through the Internet. While children may be tech-savvy, they don’t always understand the implications of downloading an illegal game, song, TV show, or movie—and what those actions can mean for their personal online safety.

It should come as no surprise that a significant percentage of the content children encounter online is stolen content—music, movies, and games that are provided for “free” because the sites hosting them have misappropriated them. Criminals rake in hundreds of millions of dollars a year through advertising and subscription fees for content they don’t own. In fact, that’s a topic Digital Citizens has explored at length in our study, Good Money Gone Bad.

Children may or may not realize that downloading this content is illegal, and certainly more education is needed to help children behave ethically and morally online. Beyond the issue of whether downloading stolen content is ethically wrong, it also exposes children to significant risks. Those “free” games or songs can end up costing children and their parents a lot, including their identities.

A good rule of thumb for anyone to follow is that there’s no such thing as “free” on the Internet. Downloading stolen content exposes an Internet user and his or her entire family to malware and spyware that puts personal information at risk, gives hackers access to private content, and enables identity thieves to steal your life.

According to a recent survey, identity theft among children is on the rise. One out of every 40 households with kids 18 or under has experienced “at least one child’s personal data compromised by identity thieves.” Sadly, most of the time identity theft among children isn’t even discovered until years later, when the child becomes old enough to apply for a bank account, student loan, or credit card. By then, the damage done can be extraordinary.

Children are especially vulnerable to identity theft because their identities are essentially clean slates. They have Social Security numbers with no credit histories, making them perfect targets for online criminals who can use their Social Security information to open fraudulent bank accounts, new lines of credit, or even mortgages and loans.

Most of us would never condone a child walking into a local store and stealing a CD, DVD, or video game, but when they download illegal content, that’s essentially what they’re doing. The only real difference is that stealing a DVD from the local Best Buy isn’t likely to lead to weeks or years of frustration and expenses trying to reclaim a stolen identity.

In today’s digital world, it’s not just about teaching our children right and wrong when it comes to content theft, as important as that is. It’s also about helping them understand how downloading supposedly free movies, music, or games can put their online safety and their identities at risk. Today’s children need to know how their actions online can impact their entire life offline, and that means their parents need to know as well.

For more information, visit the FTC’s guide to Child Identity Theft.

Avoiding Hackers in College (AKA Jennifer Lawrence is a Millennial Too!)

By | September 3rd, 2014|Uncategorized|

millenialsThis guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Cynthia Lieberman, co-founder of CyberWise, the go-to-to source for busy adults who want to learn how to embrace digital media fearlessly, and the CyberWise Certified online learning program (check out the course on “Online Security Strategies”). Cynthia has an M.A. in Media Psychology and Social Change and with 20+ years of entertainment marketing and media experience under her belt, she also consults for a diverse range of companies in marketing, social media and professional online profiling.

In a flagrant violation of privacy, personal photos stored on iCloud were recently hacked from celebrity cellphones and leaked onto “4chan,” a simple image-based bulletin board where anyone can post comments and share images anonymously. One suspected cause surrounding this incident is that a group of celebrities attending a recent awards ceremony were somehow hacked using the venue’s public Wi-Fi connection.

Many of these celebrities, like Jennifer Lawrence and Kate Upton, are young millennials (age 18-27) who grew up using social media networks such as Facebook, MySpace and most recently, Instagram, SnapChat and more, and consider online social sharing to be part of their daily communication routine.

Despite their obvious celebrity status, many of these stars are no different than other millennials. They are at ease with online technology and comfortable sharing their personal info online. Unfortunately, the consequences of this comfort level have led them all—famous or not—to engage in risky online behaviors.

The Federal Trade Commission reports that people between the ages of 20-29 are the most-victimized age bracket when it comes to identity theft, making up 20 percent of all reported victims last year (and that’s followed closely behind by ages 30-39). This is partly because college students in particular are heavy social media users with smartphones (and often used without passwords).

Many of these millennials are leaving the parent’s nest and flying off to college dorms, unaware that unless they take certain online security precautions, they too can become easy targets for identity theft. In fact, most recently and for the second time in less than three months, hackers have broken into Stanford University’s computer network, and other university servers have been put at risk this year, including MIT, North Dakota University, and the University of Maryland.

Why are students so easy to target? For one thing, college students don’t have a credit history, making their blank slates easy to steal. They don’t usually do a regular check of their credit reports, so If their identity is stolen, it can go undetected for even years.

Here are just a few tips for college students to keep their online identities safe on (and off) campus:

  1. Don’t use public WiFi. College campuses, coffee shops and restaurants are rife with WiFi. Never shop online, log into credit accounts or do any banking transactions with your bank while on a public connection.
  2. Be alert when shopping online. Make sure you only buy from sites that have the security lock symbol next to the URL which can help ensure the website has taken appropriate measures to protect your info. While not foolproof, it will certainly lessen the risk.
  3. Never share your passwords with others. Not even your fraternity brothers or your BFF. Not for website sign-ins, email, online banking or access to the school’s library. Think about it…what if you shared a password with someone you know and they later decide use it to do something stupid on one of your social networks or with your bank account? It’s more than just a trust issue, and not worth the risk.
  4. Have complex passwords that you don’t tape under your desk. Make a habit of having several different “difficult to guess” passwords that you change regularly, and don’t store them on your PC, in a notebook or on mobile devices. Don’t use easy to find phrases like your birthday or last four digits of your social security number either.While it may seem easier for you to have one password for multiple websites, it leaves you wide open for thieves to hack your data. With one password, they can sign in to your email account and have a field day with your email—and everything else associated with it.
  5. Size Matters. Also, do the math—the length of your password is just as important as its complexity because longer passwords make it harder for hacking software to determine your combinations of letters, symbols and numbers.
  6. Don’t click that link. There’s no such thing as a free lunch. No matter how good that deal may sound, if you get an email or text saying you’ve won something or that has a tempting link, think twice before clicking. A recent study revealed that 52% of millennials—compared with 40% of those aged 35+—are more willing to exchange privacy for value with companies as long as they get something in return (i.e. special deals or freebies). Hackers prey on our greed, so avoid offers of smileys, screen savers and coupon-printing software and be especially cautious about downloading free media like movies and games: peer-to-peer networks are full of malware. Same goes for website pop-ups that tell you that you have a virus. With so much pirated software in the market, there is an increased chance that some sort of malware is involved.
  7. Be email cautious. Never open an email – especially an attachment – from an unknown source. Be wary of emails with no subject line or that is strangely vague or brief (i.e. “Hey” or “Cute!”), especially if a web link is included. Viruses can also come from friends that have already been hacked. Open its attachment and you could unwittingly be spreading the virus to others. For safety, verify the source with that friend before you open.
  8. Avoid credit sharks. Credit card and student loan businesses are known for inundating college students with great freebies in exchange for completed credit card applications. Don’t do it! If you want to apply for credit, go to the company’s secure website from your private, password-protected Internet connection, and never over a public WiFi.
  9. Careful about oversharing. Many websites ask for answers to personal accounts to help protect your privacy such as “What’s your dog’s name?” “Where did you grow up?” “What’s your mother’s maiden name?” Many of your answers can be found by checking out info you’ve posted on social media sites like Tumblr and Facebook, so be careful what you post and how transparent your security answers be when answering them.
  10. Don’t assume your phone or tablet is safe. It’s not only PC’s that are susceptible to viruses and hackers, but tablets, phones and apps are too. Lots of virus programs can be installed for cheap or free; just make sure they are downloaded from a secure website by a reputable company.
  11. Monitor your credit report regularly. Sounds like a hassle, right!? It’s worth it though because it’s much easier to catch an identity thief early on by keeping regular tabs on your credit report than it is to make a gazillion calls later to set your record straight.
  12. Trust no one. Imagine finding out when applying for a loan that someone has stolen your ID and has been opening accounts using your name—and it turns out the thief is a former neighbor or relative! Yes, even college roommates, offline and especially online “friends” and classmates can be scammers.
  13. Be app-alert. Be careful what you put on your mobile devices. Always use reputable apps, and select them cautiously. Make sure you use the Google Play or iTunes store, and never click any boxes that allow installation settings from unknown sources.
  14. Leave your important documents with your parents. Social Security cards, passports, and birth certificates should be stored off-campus under lock and key. Only carry physical copies of the ID that you actually need, like a driver’s license and student ID. Shred credit card and bank statements and any paper documents that have sensitive financial information rather than just throwing them in the trash.

These are just a few tips on how to steer millennials (and yourself) out of harm’s way when it comes to identity theft and online security. If you want to learn more, check out our CyberWise Learning Hubs and CyberWise Certified Online Courses on related subjects, including Online Security Strategies, How To Protect Your Online Privacy, Online Reputation Management and more.

Teaching Your Teen How To Be A Cyber-Smart Citizen

By | August 28th, 2014|Uncategorized|

Guest blog_082814This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Sue Scheff, author and family internet safety advocate. She is the founder and president of Parents’ Universal Resource Experts Inc. (P.U.R.E.) and has been helping to educate parents on cyberbullying awareness and safe online practices for teens since 2001.

Making smart cyber choices today is as important as your GPA.

As children are online now more than ever, it’s important to realize that your child’s digital image is their future. Your child’s online reputation determines what college they get into and where they’ll work in the future. Today, 98 percent of employers run an Internet search on applicants and if they find a negative online presence, 77 percent of those employers will not invite the applicant in for an interview.

College recruiters are reporting nearly the same statistics. They are putting your child’s name through an Internet wash-cycle, and how it spins out will determine if your child secures a spot at a college of their choice. As we start the new school year, we have to remember that every keystroke and photo posted in cyberspace is public and permanent – there is no rewind online.

Becoming a Cyber-Smart Citizen
Digital citizenship restarts every day as you power-up your smartphone or connected device. To help your teen better navigate the rough waters of social media, here’s a look at some of the golden rules of cyber-smart citizens:

  • Over-sharing is a common mistake that many people of all ages make on social media. Be selective and smart about what you share.
  • Prior to posting a comment, photo or video – you need to consider the following: is what you’re posting helpful, kind or necessary? Or is it something you may regret later?
  • Check your privacy settings on all social media sites. Make this a weekly habit.
  • Who is in the comments/photos/videos? If you are posting a picture of other people, did you get their permission?
  • Tag and share with care. Treat others as you want to be treated online.
  • Social media is not a scrapbook. Don’t use it as a diary.

Friending and Unfriending Guidelines
In addition to these golden rules, it’s important for teens to evaluate who they are connecting with online. You are judged by who you hang with, online and offline. Here are some steadfast rules when it comes to “friending” and “un-friending” online:

  • If you have a friend that is posting questionable comments or pictures on your social media sites, don’t be afraid to unfriend them.
  • Just because someone is friends of friends of someone you know, it doesn’t mean you have to be friends with them virtually. Cyber criminals can use this tactic to steal your identity.
  • Keep this in mind: quality beats quantity on social media.

Cyberbullying and Online Harassment
There are lines that should never be crossed on social media. Empower your teen to know how to report digital abuse. Here’s how:

  • Do learn where how to report abuse on each social media platform.
  • Do tell a parent or an adult if you are a victim of online abuse.
  • Don’t engage with a cyberbully.
  • Don’t stay in chat rooms or on websites that make you feel uncomfortable.

Your child’s digital trail is the path to their future. It is our job as parents to help them protect and maintain their good name. A great reminder to all students is a New York Times article that ran last year: They Loved Your GPA Until They Saw Your Tweets. One of the most important things about social media that teens should never forget is that social media is not a diary, scrapbook or venting machine.If you are having a bad day, stay off of technology.

In addition to securing your teen’s online reputation by encouraging positive, smart actions, you can also inform your teen of the cyber security issues at stake. They can secure their identity by never giving out their account password or smartphone passcode to anyone. A best friend today could easily become a frenemy tomorrow. Only parents should have passwords.

Keep in mind: you never get a second chance to make a first impression – especially online.

For more information and tips on raising digital citizens at NCSA’s website.

 

Talking with Kids about Online Privacy Settings

By | August 26th, 2014|Uncategorized|

Backtoschool_082514This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes from Anne Livingston, the founder of Kids Privacy, which provides parents with information and resources to teach kids to share smart and stay safe online. This fall, she is publishing her first book – Talking Digital: Tips and Scripts for Parents Raising Kids in a Digital World.

When I download a new app, I like to figure it all out first. I take my time, look through settings, and read reviews. My kids have a different approach. They just dive in. Often, this means moving as rapidly as they can, ignoring the settings to get to the fun part. But taking time to explore the settings is a critical piece to protecting privacy.

In the past, teens were able to rely on privacy through obscurity. With so much information online, most communications were lost in a sea of content. Technology is developing faster and better ways to search. Now, people can look for things online via an image or location. These public photos and posts are becoming easier to find. This visibility can lead to unintended audiences

Parents should talk with their kids and teens about the importance of limiting information. Most teens are looking to hang out online with their friends and classmates. By utilizing privacy settings, they can make sure they are sharing with their friends and not the entire world. Fortunately, most apps have some privacy protections. Below is a quick overview of the privacy options for some of the most popular apps for teens.

Twitter, Vine & Instagram allow users to set up private accounts. With a private or protected account, only subscribers approved by your teen can see their posts and pictures. Teens should remember that even with a private account, their profile photo and profile information is still public.

Tumblr also has private accounts but users must first set up one public profile. After that, they can create as many private accounts as they wish.

Facebook does not have private accounts but allows users to select a different audience for each post. Users can choose to share a picture or post with the appropriate audience for that content. Teens should remember the default audience is the same as the audience they selected on their previous post.

YouTube is a popular video-sharing site where teens can create a channel and post videos. YouTube does not have private channels anymore. By default, all videos are public. Teens can change an individual video’s setting to be private or unlisted, and private videos can only be viewed by selected users, while unlisted videos can only be seen by people who have the video link.

Snapchat doesn’t have privacy settings but attempts to protect privacy by allowing teens to share a photo that disappears after a set amount of time. The recipient can only see the photo for a limited time before it vanishes. Snapchat also notifies the user if the recipient takes a screenshot, but teens should note that the screenshot can be easily shared with the public.

Even when kids set everything up correctly, information can still leak out. A picture shared between friends on Snapchat can be screenshotted and posted on to Twitter or Instagram. The bottom line is that kids never know who is going to see it. Even with privacy settings, they need to be smart about what they share. If they would not wear it on a t-shirt, they should not post it. This goes for sharing pictures of their friends as well. Protecting privacy requires all of us to be good friends both online and offline.

For more information about privacy settings, check out KidsPrivacy’s detailed reviews of popular apps and social networks.

Safeguarding Students’ Personal Data In WiFi-Friendly Schools

By | August 25th, 2014|Uncategorized|

backtoschool_082214This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes from Alok Kapur, Chief Marketing & Customer Officer at PRIVATE WiFi, a personal VPN product that protects individuals while using laptops and other mobile devices on wireless Internet connections. An expert in the mobile security space, you can connect with him on Twitter and read his recent articles on PRIVATE WiFi’s Official Blog.

The Federal Communications Commission will spend $2 billion to give wireless access to 10 million kids, but are we short-changing our students’ collective cyber-safety rights?

After all, having students on open WiFi networks at school means that data is susceptible to attacks. And what happens to a teacher’s productivity if one student brings a virus from home onto the school’s wireless network? Has the FCC put a plan in place to encrypt student data and class assignments? Perhaps most worrisome is that WPA2 encryption is the only solution that is really viable right now, since nearly all the other standards can be broken into – but is the FCC explaining this or simply doling out the cash without further security advice?

Another worrisome issue is that the natural progression to the FCC’s funding will be the rise of bring-your-own-device (BYOD) policies for students. But unless students are encrypting their data with a VPN like PRIVATE WiFi, updating antivirus software, and using a firewall, BYOD trends are as risky as leaving their assigned lockers wide open – anyone can see their sensitive, personal details. No student would ever agree to openly reveal their online data, after all, but few students probably understand the privacy risks of WiFi.

And according to an Education Week article, the fallout from childhood identity theft might not be known for years. That’s cause for concern given the volume and scope of accidental data breaches in K-12 systems.

Indeed, the same article cites one case among many involving a school contractor who accidentally exposed the names, addresses, dates of birth, and full Social Security numbers of more than 18,000 Nashville Public Schools students; the sensitive information was available online for more than two months.

To avoid data security conflicts, wouldn’t it be better for school districts to maintain student wireless networks that are separate from teacher/administrator networks? If those involved in higher education (many of whom hold advanced degrees) can’t safeguard students’ most sensitive information, how can children in BYOD and WiFi-friendly school environments possibly stand a chance of protecting themselves? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts