The mass use of technology during the COVID-19 pandemic must be accompanied by capable cyber security as a fundamental key aspect in companies being able to run effectively and efficiently. Following with technology use during the pandemic, education as an essential sector has had to undergo digital transformations while keeping in mind the quality of education received by students.
This situation was the main topic of discussion in a webinar titled “Cyber Security: A Fundamental Key for Digital Transformation in the Education Sector” organized by Telkomtelstra in collaboration with the Association of Indonesian Private Universities (APTISI) and the Indonesia Australia Business Council (IABC) held on Tuesday 24 August 2021 via Zoom.
The webinar hosted several of speakers, including Dr. Amin Sakzad, a Senior Lecturer on Software Systems & Cybersecurity from Monash University, Australia; Anang Siswanto, a TelkomtelstraSM Solutions, IT & Business Analyst; Andy Siregar, Telkom Indonesia’s Principal Expert on Security Strategies; Prof. M Suyanto, Chancellor of AMIKOM University Yogyakarta and Vice Chairman of APTISI; and George Marantika, APTISI Vice Chairman and IABC National President, who acted as a moderator.
To open the webinar, Erik Meijer outlined changes to the education sector over the past 1.5 years of the COVID-19 pandemic, making digital transformation unavoidable.
Educational activities that were previously conducted face-to-face, must now be run virtually using platforms such as Microsoft Teams, Zoom, GoogleClass, and so on. As a result, the platforms’ cyber security and the use of cloud systems that are guaranteed to be secure is now an essential need.
Cyber security in the education sector is the responsibility of all parties, including the government, providers, and users. The ultimate goal is that learning can continue as normal, according to expectations, to maintain a high quality of education and that students benefit from online learning.
Monash University has also implemented digital transformations in the education sector using cryptography. The system translates into online interactions, for example through Zoom, Webex, Teams, and classroom learning platforms (EdSTEM, Moodle), including learning approaches using gamification and augmented reality (AR)/virtual reality (VR). Meanwhile, the assessment process can be conducted using online assessment platforms, eAssessment, and Al-driven invigilation.
Dr. Amin Sakzad, a Senior Lecturer on Software Systems & Cybersecurity from Monash University in Australia explained that before the pandemic, in-person lectures could be attended by 500 to 600 students. However, with the current distance learning system, lectures can be conducted online without the need for face-to-face meetings.
Online learning presents its challenges in delivering lecture materials interestingly and practically that students can easily understand. For example, in cryptography, Dr. Amin explained that one of the learning methods applied is a novel gamification approach. Other methods, including flip classes, offline recording, and haul Q&A workshops, are implemented at Monash University.
Of course, behind the implementation of digital transformations, there is always the threat of Ransomware, IDS, PenTest, and Malware attacks. The key to successfully preventing these attacks is to optimize data security, organizational security, software security, component security and connection security so that they operate correctly.
Another key to success is prudence, and educational institutions that are undergoing digital transformations always staying vigilant, as ransomware attacks continue to grow. According to data from the 2021 Checkpoint Cyber Security Report & Cisco 2021 Cyber Security threat trends, companies have had to pay USD 20 billion due to cyber-attacks.
There are currently two types of common ransomware attacks: phishing attacks and trojan attacks. Both of these types of attacks result in companies’ valuable information being ‘openly’ exposed so that it is freely accessible to anyone, or cause data to be lost/damaged and no longer usable by the organization. This inevitably results in losses for the company and sometimes even causes bankruptcy.
As a result of this, Anang Siswanto, a Telkomtelstra SM Solutions, IT & Business Analyst, insists that the principles of prudence and vigilance be the doctrine of all individuals in the current digital era. In other words, cyber security must start at the individual level or with the company’s internal IT team. Insufficient information or knowledge on technological transformations can be an entry point for these kinds of cyber-attacks.
One way of preventing these attacks is to maximize security features, for example by adopting multi-factor authentication (MFA), always backing up data, and encrypting all confidential data and communication lines.
These precautions are crucial as the side effects of digital transformation can leave companies vulnerable to cybersecurity risks. In a survey conducted by ‘Ponemon Institute 2020: Cyber Security Awareness Measurement Service’, more than 50% of c-level respondents stated that their organizations were extremely vulnerable to attacks.
On the other hand, as Telkom Indonesia’s Principal Expert on Security Strategies, Andy Siregar about the data noted that humans are the weakest link. In other words, the human factor or individual human beings are the weakest links in cyber security efforts.
Human weakness occurs when attractive gimmick offers in the form of discounts, goods, services, or other offers, tempt and deceive potential victims. These threats can appear as WhatApp messages, emails, or entire pages that turn out to be fraudulent (phishing).
The key to minimizing this weakness lies in the company’s commitment to building a culture of information security, by developing a “Dos and Don’ts” list that is compulsory for all relevant parties.
Meanwhile, Prof. M Suyanto, Chancellor of AMIKOM University Yogyakarta, Vice Chairman of APTISI and manager of MSV Studio, firmly believes in the importance of developing a culture of cyber security in an organization to protect valuable data. For example, at MSV Studio, cyber security is crucial to protect digital data in the form of animated films.
MSV Studio has collaborated with several companies in Silicon Valley and Hollywood film studios to produce several animated films. Cyber security is, therefore an important consideration as the process of producing animated films is divided into several stages, including pre-production, production, post-production, branding, and distribution.
During the process of producing animated films, cyber security is essential to protect the script or story, as the core of the film, and the characters in the film, which are all stored in digital data format. It is, therefore, necessary to check each stored component periodically to ensure that no data are overlooked by cyber security systems.