#NCSAM: Keeping Children Safe Online: A Four-Step Guide for Parents

Children are perhaps the most vulnerable subset of society when it comes to facing potential harm online. That's why Michael Hill has written this non-technical four-step guide for you to share with your family, friends, children's school and anyone who has small people to protect 

In this modern and data-driven age, it is common to read headlines of cyber-attacks exploiting huge corporations for millions of dollars or to hear tales of state-sponsored actors carrying out cyber-campaigns against national governments for geopolitical gain. However, it is important to remember the vulnerability of our children when surfing online, and more important still, to have the knowledge and skills to keep them safe.

“Children are naturally more impressionable, open-minded, curious and susceptible and also tend to be more adept at operating technology than any parent,” Raef Meeuwisse, author of Cybersecurity for Beginners, told Infosecurity.

Indeed, children today are incredibly tech-savvy when compared to previous generations. Modern technology allows children to learn, connect and socialize in ways that simply were not possible in the past, and in many ways, the youth of today are the better for it. Take the COVID-19 pandemic for example – for months, technology allowed children to continue to learn remotely when schools closed due to social distancing, whilst grandchildren were able to maintain contact with their friends and family through FaceTime or Zoom.

However, the inescapable fact is that, along with the benefits the online world has to offer children, there are also various risks and dangers that must be considered by parents and guardians to help keep them safe.

“Ever younger children are accessing the online world without preparation, guidance or support, making them vulnerable to a range of risks including exposure to harmful and inappropriate content, loss of privacy, cyber-bullying, online grooming and extortion and negative impacts on their health and well-being,” explained Alex Cooney, co-founder and CEO of CyberSafeIreland.

In fact, it is estimated that Childline receives 90 reports of cybercrime against children every day,  whilst the Tennessee Bureau of Investigation revealed in August that the number of tips received regarding cybercrimes against children has increased sharply since the outbreak of COVID-19, linked to an increase in the amount of time people of all ages are currently spending online due to social distancing.

It’s therefore never been more important for parents and guardians to understand, recognize and act upon the potential harms that can impact children to ensure that they are kept safe online. So, how can they go about doing it?

“Children are naturally more impressionable, open-minded, curious and susceptible, and also tend to be more adept at operating technology than any parent”

1: Education Your Children (and Yourself)

According to Javvad Malik, security awareness advocate at KnowBe4, the first key piece of advice for parents/guardians is to educate children about the dangers of the internet and what behaviors are acceptable, and which or not.

“This is not too different from the physical world where children are told to not talk to strangers, go too far or stay out too late,” he explained.

“While technical controls do have their place and role to play (particularly filtering sites for young children) they can be bypassed by slightly older children.”

Malik therefore believes that the use of technology should, first and foremost, be addressed like any parenting challenge through educating children; instilling within them the values that are important to parents and maintaining an open relationship in which children can discuss matters with their parents without fear.

Wendy Nather, head of advisory CISOs at Duo Security (Cisco) agreed: “It is very important for parents to talk in general with their children about what they could run into online, and explain what they should look out for.”

Of course, to get the above right, parents and guardians themselves need to partake in some learning of their own, with particular focus on the various types of online harms that children can be exposed to, and how.

“We can educate ourselves in the latest platforms, acronyms and trends that our children will have access to,” said environmental psychologist and wellbeing consultant, Lee Chambers.

“Of course parents should also make themselves familiar with the security, privacy and safety features of the software and devices their children access,” added Brian Honan, owner of BH Consulting. “There are plenty of online resources to enable parents to understand these areas. Responsible parents do not give their children bicycles without teaching them how to cycle, so they should take the same measures when enabling their child to go online.”

“It is very important for parents to talk in general with their children about what they could run into online, and explain what they should look out for”

2: Implement Open and Honest Controls

Once that initial education piece has been established, the next important step to approach is the use of internet controls, restrictions and supervision with regards to what children can and are doing online.

“As parents, we should always look to monitor our children’s use of technology to some extent,” said Chambers. “We can consider parental control apps, data access and knowing who our child’s contacts are.”

Meeuwisse concurs that such controls can be effective, but he also adds some important caveats.

“Allowing a child unsupervised on to the internet is the psychological equivalent of letting them go outside alone and unguarded when you know that there are all kinds of miscreants and ne’er do wells in the neighborhood. So use parental controls – but do not rely [solely] on them,” he says.

“Furthermore, I would not advise the use of hidden spyware to monitor child activity – not only is it illegal in many jurisdictions – but that is a fast way to lose the trust of your child.”

This means that any form of internet control or supervision should be implemented openly and honestly to avoid further unwanted consequences. “If you need to monitor an online session – be up front about it and do it overtly rather than covertly,” Meeuwisse adds.

“Parents should also make themselves familiar with the security, privacy and safety features of the software and devices their children access”

3: Look Out For Behavioral Changes

Although education and managed controls are important steps for protecting children online, issues can inevitably still arise even when the most careful precautions have been put in place. For that reason, parents and guardians should also continually be mindful of and pay attention to children’s behaviors to look out for any indicators that they are potentially being exposed to online harm.

“Some of the signs of online harm can be children withdrawing from the family, not willing to go out to social gatherings or indeed to school,” explained Honan. “A key indicator can often be a reluctance to discuss what they are doing online and hiding their activity from their parents.”

Also, look out for cues such as children being angry or distressed after being online or looking anxious while using a device, or maybe even if a child’s sleep, appetite or joy for life has changed, added Chambers.

If such signs are noted, it is then vital that parents and guardians approach them in the correct way through supportive communication.

“Open and honest communication is vital, letting them [children] know that we are there to protect, not punish,” Chambers advised. “The most important of all is to foster an understanding in our children that if they are targeted, they should tell a trusted adult as soon as possible, and that they will not be restricted in use or privacy if they are proactive in communicating with us.”

Honan added that, if there are real concerns about a child suffering from online harm, then it is advisable to seek professional help as soon as possible, and in extreme cases, to contact the police.

“As with everything else we try to do to keep our children safe, communication and trust are key”

4: Build a Foundation of Trust and Support

“It is never easy to find the balance between your child’s autonomy and safety,” admitted Chambers.

However, through a combination of education, managed controls and ongoing support, parents and guardians can effectively help to protect children online.

“A foundation of trust and support, with clear guidelines on what they can and cannot do, and regular communications, can provide children with the confidence to stay safe online,” said Honan. “Our aim should be to make children resilient by giving them the confidence and the tools to deal with any negative experiences they have online, no matter how embarrassing or serious that issue is.”

To conclude, Nather shared insight into her own experiences of taking action to help protect her children online.

“I’ve helped my children understand (and recover from) the consequences of sharing their passwords, even for online games. They’ve come to talk to me about disturbing YouTube videos and bullying. We’ve even had to talk about conspiracy theories in social media, and of course right now we’re talking about disinformation around the election.

“As with everything else we try to do to keep our children safe, communication and trust are key.”

For further information and guidance on protecting children from online harm, visit the Childline online safety page.

Join Cyber Security Industry leaders in supporting White Hat’s Unforgettable Day, a campaign that aims to raise enough to fund Childline for one full day, by donating what you can. Throughout lockdown the wonderful Childline counsellors continued to travel to NSPCC centres to answer over 100,000 calls from children who needed their help, working tirelessly through lockdown and beyond. The White Hat Unforgettable Day campaign provides the opportunity for our sector to once again show support of Childline, funding a day of Childline and changing children’s lives.

What’s Hot on Infosecurity Magazine?