Cyber security Awareness to Protect Privacy in large, multi-campus K-12 institutions in the GCC

Company X is an education provider operating private schools, charter schools, and Public-private-partnerships with over 70,000 students and 8000 employees across many regions worldwide, with 28,000 of these students at 13 K-12 schools in the Gulf region specifically.

With the increased reliance on digital channels for learning delivery, introducing a comprehensive cyber-security awareness training module for both staff and students in the Gulf (GCC) region is proposed in order to improve the cybersecurity posture of the organization, the data/privacy of all users (students and staff) and to protect the copyrighted learning resources of the provider from unauthorized use. The training modules should be audience-appropriate (students in Gr 9 and above) and should include a detailed feedback and assessment component in order to properly assess the evidence of learning.

It is proposed that this module should be part of the overall “Governance, Risk and Compliance” framework in education and is expected to

– Protect user data and privacy, where user refers here to both staff and students
– Protect the organization’s information systems and protected learning content
– Improve the quality ratings of each individual school if and when institutional audits take place.
– Promote an image of good digital citizenship in the community

The literature review MUST mention:

*** Helen Nissenbaum’s book, “privacy in context” must be in the review
Risk (the application is for a Ph.D. in risk management)
Quality Assurance and Quality Audits of academic institutions
Human Factors as a primary source of cyber-security risk
That studies on cybersecurity and data governance of educational institutions tend to be more focused on universities, but there is a need to look at governance in schools as well.

Please include an objective, methodology, etc in the proposal.