FAKULTI PENDIDIKAN

Faculty of Education

GGGE6543 SEMESTER 1 TUGASAN

TEKNOLOGI SESI 2 KERTAS KONSEP
MAKLUMAT 2017/2018 (CYBERSECURITY)
DALAM
PENDIDIKAN

Pensyarah/Lecturer: Nama & No. Matrik:

IZZAH HANIS BINTI SAIRI
GP06121
DR. FARIZA BINTI
KHALID NURUL AMIRAH BINTI ABDUL RAHMAN
GP07012

NURUL AKMA BINTI MOHD ZIZI

GP07011
Importance of Cybersecurity
Education in School.
Izzah Hanis Sairi, Nurul Amirah Abdul Rahman, Nurul Akma Mohd Zizi, Fariza Khalid.
Faculty of Education, Universiti Kebangsaan Malaysia, Bangi, Malaysia.
Email: ​ihanis25@gmail.com​, nurulakma.mzizi@gmail.com, nurulamirah.abdrahman@gmail.com,
fariza.khalid@ukm.edu.my

Abstract
Cybersecurity has become critically important to all who are active in cyberspace. Young
children specifically need to be educated to operate in a safe manner in cyberspace and to
protect themselves in the process. The objective of this paper is to show why it is so
critical that modern-day school children or learners are educated about the risks
associated, while being active in cyberspace, what factors are hampering such education,
and lastly to describe the importance of cybersecurity curriculum that can be used by
teachers in junior or primary schools, specifically in developing Malaysia to empower
such education.

Keywords
Cybersecurity, Cyber safety, cyber education, cyber awareness
1.1 INTRODUCTION
Many of us always use social media as a platform to express feelings, provocation or
make it a popular stage to be known. As many people want to be the first to share the
issue, sometimes they ignore whether the information presented is authentic or
otherwise. After being told, it triggered a phenomenon or hot news until it became
viral. The use of the internet is not only limited to adults, but in this era of technology
and multimedia, the knowledge of cyberspace is also familiar to children. Since early
childhood, children are exposed to interactive game apps and watch videos on
YouTube. Initially, the gadget and internet were only used as a bait for the little kids to
avoid his or her from getting cry and for entertainment purpose, but eventually it has
become addicted.

The Malaysian Communications and Multimedia Content (CMCF) Forum, received

357 complaints from consumers on various issues including child pornography and
cyberbullying (Siti Airunnisa, 2018). CMCF, an industry body responsible for
preparing the Content Code under the appointment of the Malaysian Communications
and Multimedia Commission (MCMC), informed that the number of complaints
regarding the same thing is expected to increase this year as last year's complaints
amounted to 395 complaints until December 31. The most worrying groups are children
and adolescents who are among the most vulnerable groups with any negative elements
displayed. Obviously, they can easily emulate something heard or even seen unaware
of the parent or guardian, which eventually leads to a riskier treatment.

Cybercrime in children and adolescents is certainly a concern for parents as they

sometimes do not realize their child is a victim of cybercrime. Many parents mistakenly
and doubt the extent to which online activities they perform in cyberspace. Some are
bullied through comments and insults, no less intimidated, harassed, stimulated, abused
and sexually exploited. According to statistics from the Royal Malaysian Police
(PDRM), nearly 80% of rape cases reported in the country for the past two years
involve friendship in the virtual world and most of the victims under the age of 18
years (Yusliza Yakimir, 2017). Grooming children and adolescents to become sexually
abused victims is increasingly worsening and alarming as more and more of these
sexual predators are using fake identities on the Internet when they seek the victims.

How about the parent efforts to protect their children from cyber threats? Although at
the very young age, there is no doubt that children are more efficient and skilled in
using their own or parents’ smartphones. They are not only tech savvy but proficient to
use them. In fact, there are also parents who give gadgets to the child as a reward for
excellence in exams, birthday presents or vice versa. This makes the youngest child
vulnerable to abuse of technology, independently exploring the outside world without
borders and even can exploit the internet on his cell phone without monitoring. While
enjoying the benefits of the Internet, it is important for everyone whether parents and
children are aware of potential risks such as cyberbullying as well as taking safety
precautions as children now have Internet access at an earlier age. Educators to
disseminate cyber security messages in order to promote online behavior responsibly.

Children’s use of the internet is changing fast, in response to considerable societal,

market and technological innovation. As children’s frequent engagement in video,
music, gaming, messaging and searching implies, their internet use is broadly positive.
Parents of 3 to 4 years old report that their child is more likely to watch cartoons,
mini-movies, animations or songs on YouTube. The content children watch as they
grow older differs as older children watch more music videos, vloggers or YouTube
personalities and funny videos (Ofcom, 2016). The role of schools is important in
teaching critical digital literacy to students, as well as in guiding and informing parents
regarding children’s internet use at home.

The objective of cybersecurity education is to educate the users of technology on the

potential risks that are faced when using Internet communication tools, such as the
social media, chat, online gaming, email and instant messaging. The objective of this
paper is to show why it is so critical that modern-day school children or learners are
educated about the risks associated, while being active in cyberspace, what factors are
hampering such education, and lastly to describe the importance of cybersecurity
curriculum that can be used by teachers in junior or primary schools, specifically in
developing Malaysia to empower such education.

The outline of this paper is as follows: In Section 2, the definition of cybersecurity will
be mentioned. The main reasons for cybersecurity education will be discussed in
Section 3, where the difficulties and challenges of such education will be presented in
Section 4.

1.2 CYBER SECURITY DEFINITION

The emergence of the Internet also allows humans to enjoy two realms in their real life
and virtual world. With search engines such as Google, Yahoo and video sharing sites
such as YouTube now has all the information in the human finger tips. In the growing
world of cyberspace, it should also have negative effects on Internet users such as cyber
crime. Hence, such things should be contained early so they do not have a major impact
on the country. In this context, the element of cybersecurity implementation among
Internet users is very important. In general, cybersecurity refers to how Internet users
are using the Internet medium positively and safely and protect themselves from cyber
threats. Cyber security education is necessary that cyber crime cases can occur
anywhere regardless of individuals, organizations and places.

The definition of cybersecurity is the state of being protected against the criminal or
unauthorized use of electronic data, or the measures taken to achieve this (Oxford
University Press, 2014). Explosion of information technology information or briefly
ICT (Information Communication Technology), has brought great changes in our lives.
With the existence of the World Wide Web network, individuals and organizations can
easily display any information. But if this is used for bad purposes then it will have a
negative effect on life. In addition, the internet also brings pornographic information
that can generate social problems, especially crime. The internet network can also be an
unhealthy channel for crimes. being the main cause of Malay teenagers trapped in the
truancy of the school.
Cyber security is also defined as the activity or process, ability or state whereby
information and communications systems and the information contained therein are
protected from and/or defended against damage, unauthorized use or modification, or
exploitation (DHS, 2014). Undoubtedly, the internet seeks to increase one's knowledge.
For example, online computer games or using gadgets require highly skilled users in
English especially in understanding game settings, game procedures and how to invite
other players beyond the virtual boundaries. This will indirectly encourage reading,
writing and speaking skills in English. However, usually a computer game will be fun
and take a long time for a user. This can cause laziness and teens to concentrate on
gameplay and even gadgets. Adolescents can also be addicted and many productive
times such as reviewing lessons are ignored.

1.3 THE NEEDS OF CYBERSECURITY EDUCATION

Statistical reports released by the Cyber ​Crime and Multimedia PDRM Investigation
Division, cases of cyber-love scams or better known as the African Scam are in a state
of concern (Suhaila, 2018). The number of fraud cases increased in 2013 where cases
reported were 1095 cases compared to only 814 cases in 2012. Additionally, Mohd
Roslan (2014), is of the view that the recent Malaysian was thrown into an incident of
arrest an 18-year-old boy for committing an offense under the Copyright Act 1987
where the teenager uploads and downloads local music and international films without
the owner's consent. Among the uploaded films are Gravity, Pacific Rim, 47 Ronin,
The Hangover 3, We Are the Millers, The Hobbit: The Desolation of Smaug, Ride
Along and The Wolverine. In addition, according to Marimuthu (2016), fraudulent
purchase of goods online is also the highest for 2015 with a loss of more than RM4.9
million in which the sectors involved are like automobile, housing and tourism.

Cyber security education is needed to control the addiction of computer games. This
addiction certainly has a negative impact. Teenagers spend a lot of time on computers
and socialize with their respective gadgets. Time and place are no longer the only issue
of internet access to addiction. Over time this addiction to online games can not be
avoided. The precious time is just left over for the addiction of the gadgets. This is a
very bad impact to teenagers. Night time is spent browsing the internet and this will
exacerbate the situation even can cause teenagers to have health problems. These
threats and attacks can come in many forms – where users are not always aware that
they are being attacked. Therefore, it is essential to educate and empower users,
especially children, on the safe and responsible use of online resources and platforms to
establish a cyber-safety culture (Solms & Solms, 2014).

1.4 CHALLENGES OF CYBERSECURITY EDUCATION

Social media such as Facebook, Instagram, LinkedIn, Youtube and Twitter are the most
popular applications of Malaysians. This explosion of information contributes to
various risks involving privacy and security. Even the authenticity and accuracy of
information in this virtual space can also be disputed. Children need to be exposed to
self defense and responsibility when faced with any possible cyber threats. Malaysia
also needs to train human resources with knowledge of cybersecurity monitoring.

Students also need to be exposed and taught the techniques used by hackers to find out
the weaknesses of a system and suggest the necessary improvements to avoid
compromising the system of malicious elements. There are challenges, however, in
ensuring teachers are sufficiently trained and up to date in their knowledge, in
promoting critical understanding rather than restrictive approaches to safety, as well as
in tasking schools with guiding students and parents in their use of the internet at home.

Various challenges faced to implement cyber security education in schools include lack
of expertise, funding and resources. Teachers lack knowledge and expertise about
cyberspace. Schools and ministries may lack resources and facilities to implement
cyber security education. The speed of technological change results in new risks and
solutions. Teachers may face problems in maintaining the latest knowledge of
technology and ensuring safe students (Miles, 2011). This is a major obstacle for
teachers as they lack access to learning materials and need to be sensitive to
technological change. Early exposure and training to students at school level should be
promoted through cyber security symposium. The human capital given the exposure
and the training is expected to be the culprit to the country's future cyber defense.
 2.0 METHODOLOGY

This research emphasises few research studies that focus about cybersecurity education.
The literature chosen was basically in two languages which are in Bahasa and English.
Overall, the years of the studies are published in between 2011 until 2018 and they are
are mostly related to cybersecurity education and others closer to it.

More than 240 studies were found and only 30 studies were selected. The selected
studies were chosen based on the context of studies, scope and the respondents related.
Figure 1 summarizes the selection process of this paper.

Figure 1: The process of selection of the studies.

 Table 1 below shows the summary of the selected studies in terms of the
methodology, location, research focus, area and application of the research.

Table 1: Summary of the 30 studies revised.

Experimental Location Research Area Application of

Design focus cybersecurity
education

Qualitative (5) USA (11) Students (18) Self-efficacy (1) Mobile app (1)
Quantitative (11) UK (2) Educators (6) cybersecurity(12) Safety (1)
Quasi experiment Malaysia (6) Parents (6) Conception/ Curricular (1)
(4) South Africa (2) Experts (6) perception (2) Legislation (2)
Concept paper (5) Afghanistan (1) Employee (4) Behavior (1) Infrastructure (2)
Action Research (1) Middle east (2) Cyber crime (2) Security training,
Case Study (1) Hawai (1) Cyber Ethic (2) program/ seminars/
Rusia (1) Cybersafety (1) workshop (4)
Risk (1)
Awareness (6)
Reasoning (1)
Engagement (2)

The research questions for this paper consist of two which are:
1. What are the importance of cybersecurity education in school?
2. What are the strategy and suggestion that the stakeholder can do to promote
cybersecurity education in school?

3.0 RESULT AND DISCUSSION

The research findings are explained according to the research question.

3.1 The importance of cybersecurity education in school.

According to the literature review, they are many benefits if the school really inculcate
and apply the cybersecurity education. A survey has shown in a survey result on adults
and cybersecurity (2018) states that participants are less willing to spend money nor
time on possible seminars or programs about cybersecurity awareness. Therefore, it is
crucial if the school become the place of knowledge centre to expose about the
cybersecurity to the community in the first place. The school administrators and
teachers can discuss together and organise school program or activities about
cybersecurity education. Besides, the school are always provided with Government
financial allocation will never have problem dealing with the expenses to organise such
things to the community.

Apart from that, it is beneficial for the changing mindset of one person. Every
people are lack of cybersecurity awareness is because that they are not informed with
the knowledge and understanding of the effect of cybersecurity itself. According to
M.E Thomson R. von Solms (2018), identifies that a change of attitude/ behavior of
people who accomplish in security awareness program. Suzanne D. Pawloski,
Yoonhyuk Jung (2015) reveals that students perspectives can be used to motivate and
enhance learning about cybersecurity threats and mitigation strategies. The more school
has exposed the more willing the pupils want to know and learning about cybersecurity.

3.2 The strategy and suggestion for the stakeholder to promote cybersecurity
education in school.
Video cartoons were identified for use as resources by teachers in discussing and
stimulate cybersecurity principles to primary school learners such as using the Upin
and Ipin stories to raise awareness of cyber security (Muhammad Adnan, Siti Zobidah,
Jusang & Akmar, 2017). Subjects of Information and Communication Technology as in
primary schools need to be improved with cyber security topics. In addition, safety
aspects can be taught through existing subjects. For example, under the subject of
Bahasa Melayu, students can be given essays entitled cybersecurity. In addition, the
cybersecurity title can also be used as a discussion in the classroom or through
competitions such as speeches and cybersecurity awareness weeks.

Teacher education programs must prepare their preservice teachers to model and
teach cybersecurity topics and safe computing practices so that future generations will
know how to behave ethically as well as to keep themselves safe and secure online
(Pusey & William, 2012). Despite their young demographic and access to technology,
the preservice teachers surveyed do not possess adequate cybersecurity knowledge nor
the ability to teach their future students to keep themselves and their data safe from
 harm. This is in conflict to the digital native analogy, as natives would know what
clues in the environment indicate they are safe and protected.
Providing knowledge to upgrade teachers and students understanding about cyber
issues is one of the few steps that could be taken by the relevant parties to protect such
groups from the evolving cyber security threats (Lalitha, Balakrishnan & Zarina Samsudin,
2017). Thus, cybersecurity awareness education is important to protect the Internet users
from potential cyber crimes as well as evolving cyber threats. Although some security
experts doubted the importance of the cyber security education or training (Schneier, 2013),
yet many researchers believed that education or training is essential in protecting cyber
users from cyber security threats (Moore, 2011; Muniandy & Muniandy, 2013). Education
is important to address the cyber security threats as all protection factors play an essential
role in curbing the evolving threats.

Moreover, security awareness program is one of the strategies that can promote the
cybersecurity education in school. This principles that have been refined over many years of
research in the social psychology arena, but which have been largely ignored by IT
professionals when developing information security awareness programs (Kabay, 1994, p.
1). For example, cybersecurity education program called ​GenCyber i​ s a summer camp for
students and teachers throughout American grade school levels that is supported NSA/ NSF
(2017). According to Joseph, Frank, Ibrahim (2018) agree that both programs are offered at
no cost to students and are intended to increase interest in cybersecurity careers; they are
meant to be a solution to the shortfall of skilled cybersecurity professionals in America but
also teach students how to protect themselves in a networked world. This kind of awareness
program should be implemented in every school as this initiative able to promote awareness
and preparedness among the school community.

School administration can establish cyber security organization like student club or
council in school. This is actually a good exposure to the school community not only for
students but the whole community near the school The students can get teachers’ guidance
to experience and learn more about cyber security. According to Nakama, Debrar, Paullet,
Karen (2018) the students will learn how to navigate the learning management system.
Apart from that, students need to understand by themself about the cybersecurity. The most
effective way of understanding is to create an active learning. So, in this 21st century
learning, students are more into a learner centered whereby they can find the information
about cyber security from the internet and teacher can just monitor their actions in time to
time. An active learning encourage better understanding especially for the students
themselves.

Fariza et all (2018) found that, even though students get high level of awareness on
cybersecurity education such as cyber bully, personal information and internet banking, but
there are still less information regarding the education on cyber-sex and self-protection. It is
very important for teachers, parents and government to be more proactive in educate those
subject and throw away the ‘​tabu​’ stigma on sex-education.

4.0 CONCLUSIONS

Based on the synthesis of the 30 selected literature, it was found that it is very
important to protect children with cybersecurity education so that it can educate the
children about the potential risks they are faced when using Internet communication
tools, such as the social media, chatting and online gaming.

However, several challenges of cybersecurity education have been faced. It include the
efficiency of the teachers knowledge, lack of expertise, funding and resources. So it is
very important for all parties such as teachers, parents, peers and government to work
together to find the best solution to preventing our children from cyber crime and cyber
bullying with cybersecurity education in school. The media such as television and
radio also must play an important role in educate children through cybersecurity’s
campaign because it is more interactive and interesting for them to understand.
References

Al-Waali, Safa Mahdi Ubeid. 2017. The Importance of CyberSecurity as a Part of The
National Security System. ​Al-Ameed Journal. ​6(4): 187-208.
http://eds.b.ebscohost.com.ezplib.ukm.my/eds/pdfviewer/pdfviewer?vid=1&sid
=849d7e03-10f0-451c-9a4b-a394b8129992%40sessionmgr103​. [21 January
2019]

DHS. 2014. A glossary of common cybersecurity terminology. National Initiative for

Cybersecurity Careers and Studies: Department of Homeland Security. October
1, 2014:​ http://niccs.us-cert.gov/glossary#letter_c​ [11 Januari 2019].

Dmitriy A. Melnikov, Grigory P. Gavdan and Ivan A. Korsakov​. 2018. To The Issue
About The Purpose And Objectives The USA National Initiative For
Cybersecurity Education. ​Bezopasnostʹ Informacionnyh Tehnologij.​ 25(2): 23-37.
DOI ​10.26583/bit.2018.2.02. ​[21 January 2019].

Fariza Khalid, Md Yusoff Daud, Mohd Jasmy Abdul Rahman, Md Khalid Mohamad
Nasir. 2018. An Investigation of University Students’ Awareness on Cyber
Security. International Journal of Engineering & Technology.​ 7(4.21): 11-14.
https://www.sciencepubco.com/index.php/ijet/article/view/21607​. [21 January
2019].

Giannakas, Filippos, Kambourakis, Georgios, Papasalouros, Andreas, Gritzalis and

Stefanos. 2016. Security Education and Awareness for K-6 Going Mobile.
International Journal of Interactive Mobile Technologies.1​ 0(2): 41-48.
http://dx.doi.org/10.3991/ijim.v10i2.5473​. ​[21 December 2018]

James Shires. 2018. Enacting Expertise: Ritual and Risk in Cybersecurity.

Politics and Governance. 6(2): 31–40.
http://eds.b.ebscohost.com.ezplib.ukm.my/eds/pdfviewer/pdfviewer?vid=3&sid=
33904b17-bb47-4d24-98ed-1b48deadc9b5%40sdc-v-sessmgr03​. ​[21 December
2018]
Joseph Ricci, Frank Breitinger, Ibrahim Banggili. 2018. Survey results on adults and
cybersecurity education. ​Education Information Technology.
https://doi.org/10.1007/s10639-018-9765-8
Kabay, M. (1994), “Psychological factors in the implementation of information security
policy”, EDPACS, The EDPAudit, Control and Security Newsletter, Vol. XXI
No. 10, pp.1-10.

Knapp, Kenneth J., Maurer, Christopher, Plachkinova and Miloslava. 2017. Maintaining
a Cybersecurity Curriculum: Professional Certifications as Valuable Guidance.
Journal of Information Systems Education. ​28(2): 101-114.
http://eds.a.ebscohost.com.ezplib.ukm.my/eds/pdfviewer/pdfviewer?vid=2&sid=
11438282-d4b4-4d41-b894-90a6fae0a45a%40sessionmgr4010​. [21 January
2019].

Lalitha Muniandy, Balakrishnan Muniandy and Zarina Samsudin. 2017. Cyber security
behaviour among higher education students in Malaysia. ​Journal of Information
Assurance & Cybersecurity:​ 1-13.

Marimuthu. 2016. ​Pembelian secara online catat kes penipuan paling tinggi pada
2015.
http://www.nccc.org.my/v2/index.php/component/content/article/1763-pembeli
an-secara-online-catat-kes-penipuanpaling-tinggi-pada-2015​. [11 Januari 2019].

M.E. Thomson R. von Solms, (2018), “Information security awareness: educating your
users effectively”, Information Management & Computer Security, Vol. 6 Iss 4
pp. 167 - 173

Miles, D. 2011. Youth protection: Digital citizenship - Principles and new resources.
Second Worldwide Cybersecurity Summit (​ WCS). .

Mohd Roslan. 2014. ​KPDNKK tahan remaja 18 tahun muat turun muzik tanpa
kebenaran.
http://www.utusan.com.my/utusan/Jenayah/20140527/je_02/KPDNKK-tahan-re
maja-18-tahun-muat-turun-muziktanpa-kebenaran. [11 Januari 2019].

Moore, R. 2011. ​Cybercrime Investigating high-technology computer crime.​ MA:

Anderson Publishing, Burlington.

Muhammad Adnan Pitchan, Siti Zobidah Omar, Jusang Bolong & Akmar Hayati
Ahmad Ghazali. 2017. Analisis keselamatan siber dari perspektif persekitaran
sosial: kajian terhadap pengguna internet di lembah klang. ​Jurnal of Social
Science and Humanities. ​12: 016-029.

Muniandy, L. and Muniandy, B. 2013. The impact of social media in social and
political aspects in Malaysia: An Overview. ​International Journal of
Humanities and Social Science.​ 3 (11): 71- 76.
Nakama, Debra, Paullet, Karen. 2018. The Urgency for Cybersecurity Education: The
Impact of Early College Innovation in Hawaii Rural Communities. Information
Systems Education Journal. 16(4): 41-52. ​https://eric.ed.gov/?id=EJ1188021​.
[21 January 2019].

Ofcom. 2016. ​Children and parents: Media use and attitudes report.
www.ofcom.org.uk/__data/assets/pdf_file/0034/93976/Children-Parents-Media-
UseAttitudes-Report-2016.pdf​. [11 Januari 2019].

Oxford University Press. 2014. Oxford Online Dictionary. Oxford: Oxford University
Press. http://www.oxforddictionaries.com/definition/english/Cybersecurity [11
Januari 2019].

Pusey. P & William A. S. 2012. Cyberethics, Cybersafety, and Cybersecurity:

Preservice Teacher Knowledge, Preparedness, and the Need for Teacher
Education to Make a Difference. ​Journal of Digital Learning in Teacher
Education: 8​ 2-88.

Schneier, B. 2013. ​Security awareness training.

https://www.schneier.com/blog/archives/ 2013/03/security_awaren_1.html. [11
Januari 2019].

Siti Arunnisa Alaui. 2018. Aduan jenayah siber kanak-kanak meningkat. ​Utusan
Online.
http://www.utusan.com.my/mega/rona/aduan-jenayah-siber-kanak-kanak-menin
gkat-1.779317​. [11 Januari 2019].

Solms, S. V. & Solms R. V. 2014. Towards cyber safety education in primary schools
in Africa. ​Proceedings of the Eighth International Symposium on Human
Aspects of Information Security & Assurance.​ 185-97.

Suhaila Shahrul Anuar. 2018. 8313 kes penipuan siber direkodkan. BH Online.
https://www.bharian.com.my/berita/nasional/2018/10/483422/8313-kes-penipua
n-siber-direkodkan . [11 Januari 2019].

Suzanne D. Pawlowski and Yoonhyuk Jung. 2015.Social Representations of

Cybersecurity by University Students and Implications for Instructional Design.
Journal of Information Systems Education​. 26(4): 281-294.
http://eds.b.ebscohost.com/eds/pdfviewer/pdfviewer?vid=11&sid=228edceb-531
9-4eb4-9075-d72376f0507a%40pdc-v-sessmgr03​. [21 January 2019]
Yusliza Yakimir Abd Talib. 2017. Keselamatan di alam siber. ​MyMetro.
https://www.hmetro.com.my/hati/2017/12/295907/keselamatan-di-alam-maya​.
[11 Januari 2019].