UGC colleges and universities lack a cyber security ecosystem as they do not have required handbooks, courses and policies on cyber safety.
University Grants Commission (UGC), has not taken necessary action to develop a cyber security ecosystem in educational institutions. This comes after the Ministry of Education’s notification to UGC regarding development of a cyber security ecosystem in educational institutions through handbooks, policies and training courses on cyber safety.
Experts said that students should have an understanding of cyber ethics to access online spaces safely.
The recommendations included preparation of a ‘Handbook on Cyber Hygiene’ in vernacular languages, curriculum with ‘Hands-on-Training’ to be taught in all colleges and universities, and creation of a ‘Baseline policy’ stating the dos and don’ts for cyber security.
Students are unaware about these recommendations regarding cyber safety. Ankitha, a college student in Bangalore said that she has never heard anything about a handbook, a policy or a training course for cyber safety in her college.
“Every single activity a person does online, is prone to attacks and whenever you become a part of the cyberspace, you know someone is always watching what you are doing. Anything you do can be used against you. Hence, knowing what you are getting into is important,” she added.
Colleges and universities do not have discussions about cyber safety. Nalini Srinagesh Paul, an assistant professor at a government college in Bangalore said that their college does not have a handbook, a baseline policy for dos and don’ts or a training course. However, there is a need to educate students about cyber safety especially when education is rapidly shifting online, she added.
Dr. Vijay Kumar, vice-president at a college in Bangalore said that they do not have training courses or handbooks for the students to follow for maintaining cyber safety. However, since everything is digitized, cyber security becomes a part of general awareness and students require certain trainings for the same, he added. Occasionally, workshops have been conducted about cyber safety and they are planning to conduct one soon, he further said.
Issues with cyberspaces
Bangalore saw increasing number of cyber crime cases in 2019 according to National Crime Records Bureau (NCRB) data. It had 10, 555 cyber crimes registered, accounting for 57.5 per cent of the total cyber crimes in metropolitan cities that year.
Studies have suspected that the increasing number of cybercrimes especially during the age group of 17-18 years could be linked to the shift of classes to the online mode thus increasing students’ engagement online.
Rakshit Tandon, a cyber safety expert and head of the capacity building program at Cyberpeace Foundation, said that with the pandemic, penetration of internet is higher and drastic instances of cyber crime have to come to light including the Bulli Bai App and the Bois Locker Room cases.
The probable threats for students are around privacy and data security issues due to easy acceptance of permissions to use personal data. Additionally, instances of indulging in illegal activities like changing attendance numbers by hacking into the system, have been observed, Tandon further said.
Hence, there is a need to address cyber safety and ethics at college level though trainings and sessions to prevent them from both becoming victims or indulging into unethical online practices.
Sushanth Samudrala, a cyber law expert said that students need to be aware about updating anti-virus programs, distinguishing between suspicious and genuine links and risks of disclosing their personal information to various applications.
Students have been in situations wherein they put their school or college network at risk by indulging in unethical practices, knowingly and unknowingly, through their college network or mail IDs, said Gauthami B E, senior cyber security analyst at CyberSafe, Bangalore, an IT security consulting company.
Moreover, students sign up for a variety of applications and websites, and accept cookies without reading their privacy policy. Since the email accounts they log in through, take auto-filled information, their personal details become (bank details linked to an ID among others) vulnerable to attacks, Gauthami added.
Suggestions
Experts say that colleges and universities need to have the recommended handbooks, policies and courses for expanding the discussion around cyber safety and ethics. Schools and colleges are not well equipped with technicalities about cyber safety and they should seek advice from cyber safety experts to conduct classes for cyber safety and ethics through a club, said Samudrala.
Educational institutions should take initiatives to explain basic things to students about cyber safety, said Gauthami. Differentiating signs for secured and non-secured websites, awareness of phishing attacks, blocking ad pop-ups that make far-fetched claims and ways to prevent release of personal information with mindless app permission acceptances should be focused on, added Gauthami.
“Usage of latest versions of anti-virus software, constant updating of browsers, checking for malware and spyware, clearing cache and memory could be basic things that students should be doing to be safe online,” Samudrala added.
Students also think that they need guidance regarding cyber safety.“I would like my college to conduct workshops and teach what is cyber safety and what counts as cyber-attacks, how do we know our safety has been compromised and most importantly, what to do when something happens. We do not know how to react,” Ankitha said.