[#EduTECHAsia Webinar Highlights] – Q&A with panellists on cyberattacks and data intrusion

preeti Event News Leave a Comment

#EduTECH Asia’s Webinar series has been put together to continue sharing with our education community on what is upcoming in EdTech and how schools and universities are continuing with teaching and learning during current challenging times. 


With education transitioning online, cyber security becomes a primary concern that educators, parents, students face. Hence, we put together the panel on “Protecting students from cyberattacks and data intrusion” on 30th April, featuring Matt Harris, EdTech Consultant, Singapore, who moderated the panel; and Mayuri Ambule, Director of Educational Technology, The British School New Delhi, IndiaLt. Col (Retired) Mustaffa Bin Ahmad, Deputy General Senior Vice President – Outreach and Capacity Building Division, CyberSecurity Malaysia:  An Agency under the Ministry of Communications and Multimedia MalaysiaNoel Feria, Educator, Privacy and Security Advocate, University of the Philippines, Dr. Kavitha Muthy, Chief Strategy Officer, Intellize Tech Services, Malaysia who joined us as panellists.

Following our webinar, we sat together with our panellists to get you some more insights on this important topic. These are responses to some of the questions that came in from our attendees during the Q&A session during the panel discussion.

1. How can we prevent future cyber attacks considering that now more institutions are using proctoring tools for e-assessments? For example: collecting student data and access to personal student information.

Mayuri Ambule: Each institution must have their standard cyber security plans in place with required infrastructure. This needs to be complemented with Data Recovery plans and protocols. Remember to be proactive rather than reactive while dealing with securing data. 

Dr. Kavitha Muthy: Cyber attacks can be prevented from devising and implementing appropropriate policies, governance, and comply to PDPA as well ISO 27001 (Information Security Management System)

2. What are basic things that are done by teachers unconsciously that endangers the privacy and personal information of the learners in incorporating technology in the teaching and learning process? As such, what are the proactive measures that can be done by educators to prevent these?

Mayuri Ambule: One simple thing all teachers and or school staff should stop doing is using “to” field to email a group of parents. Instead use “bcc” field so that messages are communicated but personal email IDs are not shared unintentionally by school employee with other parents. 

Dr. Kavitha Muthy: Teachers are lacking in whole gamut of information security threats and make simple mistakes like openly sharing confidential data, sharing of password / weak password, uncover too much information on social media, etc without understanding the consequences and impact, and eventually become a victim of identity theft and credit card fraud and even their physical safety.Therefore, Teacher must educate themselves polished on password security, email security, mobile security, social media security, safe browsing, data protection, etc. 

3. Cyberattacks also take place via non-school related online activities, such as social media platforms. How can we deliver lessons on digital citizenship to keep students safe on platforms that we have no control over so that they could understand and have better awareness of these cyber issues?

Mayuri Ambule: Start young and start early. Students as young as 5 are using digital devices and can use advise to use them safely and resposibly. Start digital citizenship program for all the students (age 5 to age 18) and their parents to make them aware of the opportunities and risks involved with online communication. Teacher readiness is a big factor here because teachers need specific training from the schools to take it forward. 

Dr. Kavitha Muthy: Social media etiquette must be taught to all students to make them understand the importance of being a responsible digital citizen. Social media presence should inspire pride, not regret, and what being shared should stand out from the babble. Whatever we post and share, once public, are on the record for a long time. Thus, the cyber safe program is very essential for all students and should be embedded as part of their curricular and practice. Schools should entice them more like a Cyber Security Junior Club to make it more interactive and interesting for the students to learn and adopt. 

4. What are the ways to know if your data shared online are secured enough? For instance, when we make use of social media tools for teaching and also LMS for lessons.

Mayuri Ambule: Read and research. It has become a habit for most of us to click “Agree” button on the screen as soon as it appears on any screen to access the services. Take a pause and read how the digital tool plans to use your data. Reading privacy policy of digital tools is a must.

Dr. Kavitha Muthy: A vulnerability assessment and penetration testing from at all level including application, web page, network, infrastructure would reveal the weakness and strength of your overall IT architecture. Thus, you would be able to define the process accordingly and again they need to be tied to ISO 27001. 

5. How can we assure the security of my information, and my students’ information as well, if some of the third party applications or platforms that we will use requires access to some of the primary applications that we use? (For example, using a third party app, but I have to give access to the content of my Google Classroom or Google Drive where some of the most important files are stored)

Mayuri Ambule: Once again take a pause and read the privacy policy. If something is not clear, reach out to the company and seek clarification. If you are not not convinced that your data is protected then please dont use the services. Remember no one can force you to submit your personal data. Companies usually use data you have already shared with them.

Dr. Kavitha Muthy: This can be done through Non-Disclosure Agreement between the third party vendors and the business entity (University / Schools) However, bare in mind that the NDA is deterrent, thus you need to have more tangible secured engagement with them, for example third party assessment so that they are also abide to the cyber security policy, rules, t & c herein set forth by your organization.

6. How can parents play a part in cyber security and in securing data for their children when it comes to eLearning especially since this crisis happened so suddenly and most of the teaching is transitioned online?

Mayuri Ambule: Parents are the most important partners of schools leading online learning for millions of students across the world. Schools literally cannot do it without parents’ support. Parents need to keep an open eye on how their child/children are learning and also what other online activities they take part in. Setting family boundaries are important. Parents must ensure and make children aware that they should not share any personal information online and always seek adult;s permission while accessing a new digital tool.

Dr. Kavitha Muthy: Parents as well play a key role in ensuring that precaution actions are taken and if handled without preparation they too will face some serious cyber security risks. Self learning on cyber security is crucial for them to be cyber aware and enforce that practice on the children. Monitor their children’s internet activity closely and this can be supported by many monitoring tools. Parents need to ensure the end-point protection like anti-malware, etc and personal firewall, and regular software updates. On the other hand, clear communication with their children about being cyber safe would minimize the risk while built a culture of trust between parents and the children.

7. How do we know it’s a phishing site? What are the indications? What do we need to do to prevent it? Are there any application/s that can filter this kind of activity?

Mayuri Ambule: A few tips for safe browsing
Always look for https:// ( s stands for secure here)
Avoid clicking links. Type the link address instead
Do not open any attachment or email from an person
Do not forward mails to large number of people. First its spamming. Second it puts yours and other device at risk

Dr. Kavitha Muthy: Technically they would be able to recognize from the URL and check the validity of the website. (“http://” at the start of the address). So, it is advisable to use a web browser with anti-phishing detection and be wary of other methods to identify a legitimate site, like an unbroken key or locked padlock at the left of the URL bar of the browser, that means it is not a reliable site and do not click on it. If you receive any suspicious email from an authority or financial institution, please validate with the respective party and do not click on the link.  

If you missed watching the live panel discussion, you can watch it on demand here.

Watch this webinar on-demand now >

Watch this webinar on-demand now >

You may also be interested in the following webinars on-demand:

To register for our future webinars, please click here.

About EduTECH Asia 2020

At EduTECH Asia, we pride ourselves on bringing together thousands of educators from across Asia to evaluate and plan for the future of learning. In 2020, we’re be going bigger and better than ever before. Spanning across 4 exciting days, the event will feature 2 conferences with 12 theatres of content spanning topics in K-12 Education and Higher Education. Plus, there will be Practical Workshops, EduSHARE Roundtables and more. The event will also feature an exhibition showcasing the latest edtech innovations and technologies. Join us at Asia’s largest education festival!

Book your seat now before the ticket price rises.

See you there!

If you have big ideas and experience in using technology to transform teaching and learning, we want you on our stage at EduTECH Asia  – Asia’s largest education festival! Email preeti.varadarajan@terrapinn.com to discuss speaking opportunities.

Leave a Reply

Your email address will not be published. Required fields are marked *