May 2025 Headlines
Keeping Kids Cybersafe While Playing Roblox
Roblox has become a favorite among children, offering a vast universe of user-created games and experiences. While it provides endless opportunities for fun and creativity, it also comes with potential cyber risks. As a parent, ensuring your child's safety while they navigate this digital playground is crucial. Here are some essential tips to keep your kids cybersafe while playing Roblox, including monitoring their activity.
Understanding Roblox
Roblox is not just a single game but a platform hosting millions of user-created experiences (Arntz, 2025). Kids can create avatars, join various games, chat with others, and even design their own games using Roblox Studio. This variety makes Roblox captivating for children, but it also means parents need to be aware of the different types of interactions and content their kids might encounter (Malwarebytes, 2025).
Setting Up Age-Appropriate Account Settings
When creating your child's Roblox account, ensure you set the correct birth date. This automatically applies appropriate privacy settings for users under 13 (Arntz, 2025). You can enable account restrictions to limit social interactions and access to age-appropriate games only. Regularly revisit these settings as your child matures, gradually allowing more freedom while maintaining necessary safeguards (Malwarebytes, 2025).
Activating and Monitoring Parental Controls
Roblox offers comprehensive parental controls that give you oversight of your child's activities (Arntz, 2025). Through the settings menu, you can:
Establish monthly spending limits to prevent unauthorized purchases.
Restrict access to certain games based on their content rating.
Monitor friend requests and interactions.
These controls help balance your child's independence with necessary protection.
Monitoring Your Child's Online Activity
Monitoring your child's online activity is essential for their safety. Here are some effective ways to do this:
Use Parental Control Software: Tools like Apple's Screen Time, Google's Family Link, and Microsoft's Family Safety offer comprehensive monitoring capabilities (Lakshmanan, 2024). These tools can help you manage screen time, restrict content, and get reports on your child's online activity (Lakshmanan, 2024).
Regular Conversations: Engage in regular conversations with your child about their online experiences. Discuss the games they play, the friends they interact with, and any concerns they might have (Lakshmanan, 2024). This helps build digital literacy and critical thinking skills.
Check Device Usage: Regularly check the devices your child uses for any unusual activity. Look at their browsing history, app usage, and any new contacts or messages (Lakshmanan, 2024).
Encouraging Safe Online Habits
Teaching your child safe online habits is crucial. Encourage them to:
Never share personal information like their real name, address, or school.
Report any inappropriate content or behavior they encounter.
Use strong passwords and change them regularly.
Roblox Continues to Address Security Risks
Roblox has faced several security challenges, including data breaches and malware attacks. For instance, malicious npm packages have targeted Roblox users with data-stealing malware (Lakshmanan, 2024). Additionally, a significant data breach exposed 34 million Roblox credentials on the dark web between 2021 and 2023 7, and another breach exposed 10,386 accounts from the Roblox Developer Conference (secureblink.com, 2025). These incidents highlight the importance of robust security measures and vigilance.
Roblox has introduced significant updates to parental controls, including stopping direct messaging for users under 13 (Smith, 2024). You can create a safer digital experience for your child by combining technical safeguards with ongoing conversations. Roblox can be a wonderful platform for creativity and social interaction, but it's essential to stay vigilant and proactive in ensuring your child's cybersafety.
Microsoft Teams to Block Screen Captures Coming This Summer
As remote and hybrid work continue to dominate the business landscape, the need for privacy and securing digital collaboration tools has never been greater. Microsoft is responding to this demand with a powerful new feature in Microsoft Teams: “Prevent Screen Capture”, set for global release in July 2025 (Baran, 2025). This feature is designed to block unauthorized screenshots and screen recordings during Teams meetings, reinforcing Microsoft’s commitment to enterprise security and regulatory compliance.
How the Feature Works
When enabled, the “Prevent Screen Capture” feature will black out the meeting window if a participant attempts to take a screenshot or record the screen. This applies across platforms, including Windows, macOS, iOS, and Android (Baran, 2025). Moreover, Microsoft is also introducing audit logging for screen sharing and control features, giving IT administrators visibility into who initiated or received control during meetings. For users on unsupported platforms or outdated clients, Teams will automatically restrict them to audio-only mode, ensuring sensitive visuals remain protected (webasha.com, 2025).
Why This Matters for Cybersecurity
Screen captures have long been a blind spot in virtual meeting security. Even with encryption and access controls, a simple screenshot can compromise confidential data. This new feature directly addresses that vulnerability by proactively preventing digital exfiltration of sensitive content.
According to Microsoft, the feature is particularly valuable for organizations in regulated industries—such as healthcare, finance, and government—where compliance with standards like HIPAA, GDPR, and ISO 27001 is essential (webasha.com, 2025).
Technical Approach and Limitations
While Microsoft has not disclosed full technical specifications, the feature is expected to use a combination of:
Windows APIs to detect and block screenshot shortcuts
System-level hooks to interfere with screen recording tools
Device attestation to ensure policy enforcement on compliant hardware
However, Microsoft acknowledges that physical screen captures—such as using a smartphone to record a screen—cannot be prevented. As such, this feature should be part of a layered security strategy, not a standalone solution
Conclusion
Microsoft’s “Prevent Screen Capture” feature marks a significant advancement in virtual meeting security. With over 320 million monthly active users across 181 countries, Microsoft Teams is a cornerstone of enterprise communication, and as organizations continue to navigate the complexities of remote work, enhancing tools like Teams will be critical in safeguarding sensitive information and maintaining operational integrity.
Alberta’s New Cybersecurity Regulation for Critical Infrastructure Aligns with Global Standards
Alberta is taking a major step forward in protecting its critical infrastructure with the Security Management for Critical Infrastructure Regulation, which comes into effect on May 31, 2025. This regulation mandates that designated facilities comply with the CSA Z246.1 Standard csagroup.org, 2021), a comprehensive framework for managing physical and cybersecurity risks in the energy and natural gas sectors (Gittens et el, 2025).
This new regulation is part of the Responsible Energy Development Act and is all about strengthening security plans for Alberta’s energy and critical infrastructure systems, starting on May 31, 2025 (ionunited.com, 2025). The regulation defines critical facilities in Alberta’s energy sector as:
Coal processing plants
Mines
Pipelines
Processing plants
Wells
In situ operations (ionunited.com, 2025)
Cybersecurity Requirements Under the Regulation
The regulation, enforced by the Alberta Energy Regulator (AER), requires operators of critical infrastructure to implement robust cybersecurity controls, including:
Asset and network inventory
Access control and authentication
Network segmentation
Intrusion detection and response
Incident reporting and recovery planning
These requirements are designed to protect both information technology (IT) and operational technology (OT) systems from threats such as ransomware, insider attacks, and supply chain vulnerabilities (Gittens et el, 2025). AER is responsible for oversight and has the authority to audit compliance and suspend operations for non-compliance.
Alignment with the NIST Cybersecurity Framework
The regulation’s adoption of CSA Z246.1 (csagroup.org, 2021) aligns with the internationally recognized NIST Cybersecurity Framework (CSF), developed by the National Institute of Standards and Technology. The NIST CSF, outlined in NIST CSWP 04162018, is built around five core functions (NIST CSF, 2018):
Identify – Understand organizational systems, assets, and risks.
Protect – Implement safeguards to ensure delivery of critical services.
Detect – Develop activities to identify cybersecurity events.
Respond – Take action regarding detected incidents.
Recover – Maintain plans for resilience and restoration.
Arguably, the CSA Z246.1 Standard mirrors this structure by requiring:
Risk assessments and asset classification (Identify)
Security controls and access management (Protect)
Monitoring and anomaly detection (Detect)
Incident response protocols (Respond)
Business continuity and recovery planning (Recover)
This alignment ensures that Alberta’s approach is not only nationally consistent but also globally interoperable, making it easier for multinational operators to comply with both Canadian and international standards.
Conclusion
Alberta’s new regulation represents a significant advancement in critical infrastructure protection. By mandating compliance with CSA Z246.1 and aligning with the NIST Cybersecurity Framework, the province is setting a high bar for resilience, accountability, and cyber readiness for protecting critical infrastructure.
Stefan Myroniuk, MSc., CISSP
(ISC)2 Alberta Chapter | Communications Director
E: communications@isc2chapter-alberta.org
http://isc2chapter-alberta.org
