This session will provide an insight into the human-related issues of maintaining secure systems. Learners will be given an opportunity to learn about social engineering (in all its forms - phishing, smishing and vishing) and understand the important role that each and everyone has in ensuring systems remain secure. Statistics and real-life examples will be drawn upon to provide an aid in understanding the often complex attacks that can take place. The session will also address the role of security awareness and education and the need to develop a positive and collaborative cyber security culture.
50 minutes
The lession requires the following:
- Presentation slideset
- School Security Policy - or use generic example found in the Resources section
- Social Engineering Quiz
- Cyber Security Poster examples
The session will begin with a slideset to introduce the core concepts surrounding the human-factors of cyber security. This will also include introducing a security policy and understanding the context of what students/employees need to understand. An overview of social engineering will also be provided (20 mins).
The practice exercises are focused around:
- A Social Engineering Quiz - where students can test their ability to identify an attack versus legitmate communication
- Design a cyber security awareness poster - identify a relevant area of awareness and design an engaging and informative poster/info-graphic - using Canva (or similar)
After each quiz, there is an opportunity for the teacher to review the answers and discuss/reflect with the class. Point to further resources to help students wanting to learn more (30 mins).
- To understand the role that people have in cyber security
- To understand the role of a security policy and how that needs to inform student/employee behaviours
- To understand the variety of different approaches people can be socially engineered
- To understand the importance of continuous learning in cyber security and the need to develop a collaborative and positive culture