To read this content please select one of the options below:

The security economics of EdTech: vendors’ responsibility and the cybersecurity challenge in the education sector

Noran Shafik Fouad (Noran Shafik Fouad is based at the Blavatnik School of Government, University of Oxford, Oxford, UK)

Digital Policy, Regulation and Governance

ISSN: 2398-5038

Article publication date: 27 April 2022

Issue publication date: 14 June 2022

690

Abstract

Purpose

The education sector is increasingly targeted by malicious cyber incidents, resulting in huge financial losses, cancelation of classes and exams and large-scale breaches of students’ and staff’s data. This paper aims to investigate education technology (EdTech) vendors’ responsibility for this cyber (in)security challenge, with a particular focus on EdTech in India as a case study.

Design/methodology/approach

Theoretically, building on the security economics literature, the paper establishes a link between the dynamics of the EdTech market and the education sector’s cyber insecurities and investigates the various economic barriers that stand in the way of improving EdTech vendors’ security practices. Empirically, the paper analyses publicly reported cyber incidents targeting the Indian education sector and EdTech companies in the past 10 years as published in newspapers, using the LexisNexis database. It also examines existing EdTech procurement challenges in India and elsewhere and develops a number of policy recommendations to address the misaligned incentives and information asymmetries between EdTech vendors and educational institutions.

Findings

Market forces alone cannot create sufficient incentives for EdTech vendors to prioritise security in product design. Considering the infant stage of the EdTech industry, the lack of evidence about the efficacy of EdTech tools, the fragmentation in the EdTech market and the peculiarities of educational institutions as end-users, a regulatorily and policy intervention is needed to secure education through procurement processes.

Originality/value

This paper introduces a novel exploration to the cybersecurity challenge in the education sector, an area of research and policy analysis that remains largely understudied. By adding a cybersecurity angle, the paper also contributes to the literature using a political economy approach in scrutinising EdTech.

Keywords

Acknowledgements

The author would like to thank the two anonymus reviewers for their very constructive comments. Funding: This work is part of a contract between Digital Pathways at Oxford and the EdTech Hub.

Citation

Fouad, N.S. (2022), "The security economics of EdTech: vendors’ responsibility and the cybersecurity challenge in the education sector", Digital Policy, Regulation and Governance, Vol. 24 No. 3, pp. 259-273. https://doi.org/10.1108/DPRG-07-2021-0090

Publisher

:

Emerald Publishing Limited

Copyright © 2022, Emerald Publishing Limited

Related articles