This page contains a Flash digital edition of a book.
@InfosecurityMag


I was recently asked to do a SASO session by a local council in a number of schools following a report that an eleven-year- old pupil had accepted a friend request from an individual overseas who was posing as a child but was actually an adult male. The pupil had a number of similar- aged friends on their Facebook. The individual from overseas started grooming the youngster’s friends, as they had not turned off the ‘friends of friends’ option. I understand that he was arrested in the US and prosecuted. (ISC)2


UK volunteers did a


number of sessions in the schools in that local authority area.


A more subtle danger is children and teenagers being exposed to adverts on Facebook that are targeted according to the user’s age. Because many lie about their age, they are regularly subjected to inappropriate adverts such as weight loss or ‘hot date’ ads.


Beating the Bullies Cyber bullying and gaming are also huge concerns. It is regarded so seriously that the latest Ofsted inspection guidance has cyber bullying as an issue that the inspection must address. A copy of the guidance can be found at: http://bit.ly/sb9KPz


With regards to gaming, the most popular games among school children are rated 18 or older – Modern Warfare 2 and 3, Call of Duty, etc. On 8 November 2011, I was doing a SASO session in a catholic primary school when I met a nine-year-old who was looking forward to going home because his parents were taking him out to buy the latest 18-rated game. Children often play the games online against other adults. One group of year 6 boys were in tears telling me and their headmistress that they love the game, but really hate the adults who swear at them all the time (as they can talk to the other players using headsets during the game). One primary school teacher told me that children often arrive in class fi rst thing in the morning making bomb and machine gun sounds.


Furthermore, of the children I surveyed, 50% said they had been online after 10pm


and 13% had been online after 1am on a school night. This poses real issues for every school regarding punctuality, attendance and ultimately attainment. If they cannot afford the games, youngsters will obtain them and other games online via illegal downloads or from non-reputable websites. When asking a group of pupils whether they have had a virus on their computer, over 90% will say they have.


Making it Count


During the SASO session, I show a fi lm that tells the story of a pupil who is the victim of cyber bullying by text message, instant messenger and creation of an unpleasant spoof website. The fi lm can be viewed here: http://bit.ly/K6Sky. At the end of the fi lm, I always ask the students how they would have felt if they were the main character, Joe, who had been the victim of cyber bullying. Most children respond by saying angry, upset, sad, etc. Often, it has allowed pupils to open up about their own experiences. In addition to educating the industry about the Safe and Secure Online program, there are three main reasons why I am writing this article: 1. To make parents think seriously about what their children are doing online


2. To make you consider whether you sharing your IT system at home with children or teenagers is exposing your


Wilson engages pupils in interactive sessions


organization to information security vulnerabilities? I am aware of some large fi nancial institutions that provide free anti-virus and anti-malware products to their employees to help combat this.


3. To offer a word of warning in relation to how children and teenagers use social networking. If you are offering employment to the younger generation, you should be aware that some have become conditioned to making outrageous statements and posting inappropriate pictures on social networking sites. They need to be educated about what is acceptable and what is not.


Get Involved If you are a member of (ISC)2 , you can also


get involved by volunteering for the Safe and Secure Online program and help make a difference.


If you have responsibility for information security training in your organization, then consider changing the sessions to assist parents and caregivers so that they understand the threats and vulnerabilities to the family. That change will generate a greater interest in the employer’s information security messages they wish to convey.


https://cyberexchange.isc2.org/ Volunteer-SignUp.aspx


www.infosecurity-magazine.com /// 41


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52