Cybersecurity Expert, Chief Information Security Officer (CISO), and Certified Information Systems Auditor (CISA)

"Speed and simplicity: these are the keywords to overcome the enemy."

Educating parents about cybersecurity​

The first step in educating children about cybersecurity starts with "training" parents in this area. Children's access to technology comes with additional responsibility for the parents.

Beyond the dangers children can face in the online environment, parents need to be aware of the fact that the inattention with which they provide access to the child's technology can have consequences that go beyond family boundaries.

Unmonitored access of the child to technology represents a cybersecurity breach for the parents' workplace. Thus, the safety and emotional integrity of the child exposed in the online environment is complemented with the responsibility towards the workplace, to the contacts in the phone book or to the "friends" on the social networks.

It is natural for everyone to turn their attention first and foremost to the protection of the child in the face of technology, but it is essential that the parent who provides access is aware of the entire landscape of responsibilities that follow.


I recently witnessed a scene on the train, which I will tell in order to have at least one case to refer to when it is necessary to explain the dangers of leaving the phone or the work laptop in the hands of children.

This mother had just taken her child from kindergarten. The two were sitting on separate seats, the mother behind the child. At one point, the woman pulls the phone out of her bag and gives it to the child to catch her attention and make her sit quietly in the chair. I was near them and I could easily observe their digital behaviors.

The girl was not more than four years old and knew very well how the touch screen of the phone works. She searched through applications and opened a game, from the game she clicked on a banner and the "phone" began to download something ... The moment she was taken out of the game and taken to a new page, unknown to the child. She gave her mother the phone to solve the situation.

The woman picked up the phone and asked in dismay, "what did you do here?" , Without waiting for an answer. The child didn't understand what was happening. The mother closed the download window, opened WhatsApp and checked the messages, then replied to a message received on Messenger, checked the news feed with a quick glance, returned to the main screen and gave the phone back to the child, to keep quiet.

The child took the phone very excited about the "offer", closed all active windows, opened the photo album and looked at the photos of a celebration, opened the messenger and looked at messages, then entered applications, searched for a new game, opened it and started playing. Meanwhile, the mother looked out the window and did not see what the child was doing with her phone.

Here is a real case where the mother's phone is subjected to cybersecurity risks, which she is not even aware of.


If the mother's phone was a phone issued by her workplace or, her work phone, there are at least three risks that should attract the attention of the parents.

Easily downloading unknown applications or files to your phone endangers the integrity and confidentiality of all information stored on that phone.

Question for parents: Are you aware that through these download actions, there is a great chance that it might expose or provide access to strictly professional information to malicious people, who can use them in cyberattacks aimed at the organization you work for?

The access of a child to work-related messages may compromise their confidentiality.

Question for parents: Are you aware of the risk that a message from a private discussion will be copied and forwarded to another person?

Storing personal information on the work phone puts your family's privacy at risk.

Question for parents: Are you aware that personal photos may become public on the Internet or maybe lost if the work-issued device is the target of a cyber attack or subject to strict (and legitimate) security procedures?


If the parents' answer to the above questions is NO, then the risks are very high for the employer.

If the parents' answer to the above questions is NOT HAPPENING because I know how to protect myself, then the risks are as great for the employer.

If the parents' answer to the above questions is YES, then the employer can be sure that the cybersecurity procedure in the organization was at least understood.


Give children access to the technology they need based on their age.
Do not give children access to technology that they do not understand.
Check your child's digital behavior.
Limit the use of technology in the family according to the needs and the degree of digital culture of each member (unexperienced grandparents are just as vulnerable as children).
Be constantly aware of cyber dangers, which are evolving at the same pace as the technology you have access to.

John Giordani
Cybersecurity Expert, Chief Information Security Officer (CISO), and Certified Information Systems Auditor (CISA) ​


DHS (Homeland Security) Campaign - STOP.THINK.CONNECT ™
CYBRARY - Teaching Kids about Cybersecurity: it’s never too early
StaySafeOnline - Raising Digital Citizens
The Family Online Safety Institute (FOSI) - Good Digital Parenting