Human-Centred AI: Education and Innovation

Sharisha Sahay
Sharisha Sahay
Research Analyst - Policy & Advocacy, CyberPeace
PUBLISHED ON
Mar 28, 2025
10

Introduction

The rise in start-up culture, increasing investments, and technological breakthroughs are being encouraged alongside innovations and the incorporation of generative Artificial Intelligence elements. Witnessing the growing focus on human-centred AI, its potential to transform industries like education remains undeniable. Enhancing experiences and inculcating new ways of learning, there is much to be explored. Recently, a Delhi-based non-profit called Rocket Learning, in collaboration with Google.org, launched Appu- a personalised AI educational tool providing a multilingual and conversational learning experience for kids between 3 and 6.

AI Appu

Developed in 6 months, along with the help of dedicated Google.org fellows, interactive Appu has resonated with those the founders call “super-users,” i.e. parents and caregivers. Instead of redirecting students to standard content and instructional videos, it operates on the idea of conversational learning, one equally important for children in the targeted age bracket. Designed in the form of an elephant, Appu is supposed to be a personalised tutor, helping both children and parents understand concepts through dialogue. AI enables the generation of different explanations in case of doubt, aiding in understanding. If children were to answer in mixed languages instead of one complete sentence in a single language (eg, Hindi and English), the AI would still consider it as a response. The AI lessons are two minutes long and are inculcated with real-world examples. The emphasis on interactive and fun learning of concepts through innovation enhances the learning experience. Currently only available in Hindi, it is being worked on to include 20 other languages such as Punjabi and Marathi. 

UNESCO, AI, and Education

It is important to note that such innovations also find encouragement in UNESCO’s mandate as AI in education contributes to achieving the 2030 Agenda of Sustainable Development Goals (here; SDG 4- focusing on quality education). Within the ambit of the Beijing Consensus held in 2019, UNESCO encourages a human-centred approach to AI, and has also developed the “Artificial Intelligence and Education: Guidance for Policymakers” aiming towards understanding its potential and opportunities in education as well as the core competencies it needs to work on. Another publication was launched during one of the flagship events of UNESCO- (Digital Learning Week, 2024) - AI competency frameworks for both, students and teachers which provide a roadmap for assessing the potential and risks of AI, each covering common aspects such as AI ethics, and human-centred mindset and even certain distinct options such as AI system design for students and AI pedagogy for teachers.

Potential Challenges

While AI holds immense promise in education, innovation with regard to learning is contentious as several risks must be carefully managed. Depending on the innovation, AI’s struggle with multitasking beyond the classroom, such as administrative duties and tedious grading, which require highly detailed role descriptions could prove to be a challenge. This can become exhausting for developers managing innovative AI systems, as they would have to fit various responses owing to the inherent nature of AI needing to be trained to produce output. Security concerns are another major issue, as data breaches could compromise sensitive student information. Implementation costs also present challenges, as access to AI-driven tools depends on financial resources. Furthermore, AI-driven personalised learning, while beneficial, may inadvertently reduce student motivation, also compromising students' soft skills, such as teamwork and communication, which are crucial for real-world success. These risks highlight the need for a balanced approach to AI integration in education.

Conclusion

Innovations related to education, especially the ones that focus on a human-centred AI approach, have immense potential in not only enhancing learning experiences but also reshaping how knowledge is accessed, understood, and applied. Untapped potential using other services is also encouraged in this sector. However, maintaining a balance between fostering intrigue and ensuring the inculcation of ethical and secure AI remains imperative.

References

PUBLISHED ON
Mar 28, 2025
Category
TAGS
No items found.

Related Blogs

Hong Kong
Hong Kong Cyber Attack: Data Compromised Health Care Affected
10
May 24, 2023

Introduction

In today’s digital age, everyone is online, so is the healthcare sector worldwide. The latest victim of a data breach is Hong Kong healthcare provider OT&P Healthcare, which has recently suffered a data loss of 100,000 patients that exposed their medical history, and caused concern to the patients and their families. This breach has highlighted the vulnerability in the healthcare sector /industry and the importance of cybersecurity measures to protect sensitive information. This blog will explore the data breach, its impact on patients and families, and the best practices for safeguarding sensitive data.

Background: On 13 March 2023, an incident took place where the Cybercriminals deployed a variety of methods to breach the data, which included phishing attacks, malware, and exploiting software vulnerabilities. OT&P Health Care exploits the sensitive data of the patients. According to OT&P Healthcare, it is working together with law enforcement and has hired a cybersecurity firm to investigate the incident and tighten its security procedures. Like other data breaches, the inquiry will most certainly take some time to uncover the actual source and scope of the intrusion. Regardless of the cause of the breach, this event emphasises the significance of frequent cybersecurity assessments, vulnerability testing, and proactive data protection measures. Considering the dangers in the healthcare sector must be cautious in preserving the personal and medical records of the patients as they are sensitive in nature.

Is confidentiality at stake due to data breaches?

Medical data breaches represent a huge danger to patients, with serious ramifications for their privacy, financial security, and physical health. Some of the potential hazards and effects of medical data breaches are as follows:

  • Compromise of patient data: Medical data breaches can expose patients’ sensitive information, such as their medical history, diagnoses, treatment, and medication regimens. If history is highly personal and reaches the wrong hands, it could harm someone’s reputation.
  • Identity theft: the data stolen by the cybercriminals may be used by them to open credit accounts and apply for loans, Patients can suffer severe financial and psychological stress because of identity theft since they may spend years attempting to rebuild their credit and regain their good name.
  • Medical Fraud: Medical data breaches can also result in medical fraud, which occurs when hackers use stolen medical information to charge insurance companies for services that were not performed or for bogus treatments or procedures. Medical fraud may result in financial losses for patients, insurance companies, and individuals obtaining ineffective or risky medical care.

Impact on patients

Data breach does not cause financial loss but may also profoundly impact their mental health and emotional well-being. let’s understand some psychological impacts:

  • Anxiety and Stress: Patients whose medical data has been affected may experience feelings of stress and anxiety as they worry about the potential consequences of the data loss can be misused.
  • Loss of faith: Patients may lose faith in their healthcare providers if they believe their personal and medical information needs to be properly As a result, patients may be reluctant to disclose sensitive information to their healthcare professionals, compromising the quality of their medical care.
  • Sense of Embarrassment: Patients may feel disregarded or ashamed if their sensitive medical information is revealed, particularly if it relates to a sensitive or stigmatised This might lead to social isolation and a reluctance to seek further medical treatment.
  • Post-Traumatic Stress Disorder (PTSD): Patients who have experienced a data breach may have PTSD symptoms such as nightmares, flashbacks, and avoidance behaviour. This can have long-term consequences for their mental health and quality of life.

Legal Implications of Data Breach

Patients have certain legal rights and compensations when a healthcare data breach occurs. Let’s have a look at them: –

  • Legal Liability: Healthcare providers have a legal obligation to protect data under various privacy and security laws if they fail to take appropriate measures to protect patient data, they may be held legally liable for resulting harm.
  • Legal recourse: Patients whose healthcare data leak has impacted them have the legal right to seek compensation and hold healthcare providers and organisations This could involve suing the healthcare practitioner or organisationresponsible for the breach.
  • Right to seek compensation: the patients who have suffered from the data loss are liable to seek compensation.
  • Notifications: As soon as a data breach takes place, it impacts the organisation and its customers. In this case, it is the responsibility of the OT&P to
  • notify their patients about the data breach and inform them about the consequences.
  • Take Away from OT &P Healthcare Data Breach: with the growing data breaches in the healthcare industry, here are some lessons that can be learned from the Hong Kong data breach.
  • Cybersecurity: The OT&P Healthcare data breach points to the vital need to prioritisecybersecurity in healthcare. To secure themselves, hospitals and the healthcare sector must use the latest software to protect their data.
  • Regular risk assessments: These assessments help find system vulnerabilities and security issues. This can assist healthcare providers and organisationsin taking the necessary actions to avoid data breaches and boost their cybersecurity defences.
  • Staff Training: Healthcare workers should be taught cybersecurity best practices, such as detecting and responding to phishing attempts, handling sensitive data, and reporting suspected security breaches. This training should be continued to keep workers updated on the newest cybersecurity trends and threats.
  • Incident Response Strategy: Healthcare providers and organisations should have an incident response policy in place to deal with data breaches and other security concerns. This strategy should include protocols for reporting instances, limiting the breach, and alerting patients and verified authorities.

Conclusion

The recent data breach in Hong Kong healthcare impact not only the patients but also their trust is shaken. As we continue to rely on digital technology for medical records and healthcare delivery, it is essential that healthcare providers and organisations take proactive steps to protect patient data from cyber-attacks and data breaches.

References

https://www.marketing-interactive.com/otp-healthcare-apologises-over-data-breach-patients-reportedly-impacted

https://www.scmp.com/news/hong-kong/health-environment/article/3219827/personal-data-medical-history-100000-patients-may-have-been-leaked-cyberattack-hong-kong-healthcare

https://www.teiss.co.uk/news/hong-kongs-otp-healthcare-exposes-the-medical-history-of-100000-patients-12170

School children
Advisory for APS School Students
Stay safe from the Army school student scam. Scammers pose as teachers, requesting personal information. Learn do's and don'ts to protect yourself.
10
August 2, 2023

Pretext

The Army Welfare Education Society has informed the Parents and students that a Scam is targeting the Army schools Students. The Scamster approaches the students by faking the voice of a female and a male. The scamster asks for the personal information and photos of the students by telling them they are taking details for the event, which is being organised by the Army welfare education society for the celebration of independence day. The Army welfare education society intimated that Parents to beware of these calls from scammers.

The students of  Army Schools of Jammu & Kashmir, Noida, are getting calls from the scamster. The students were asked to share sensitive information. Students across the country are getting calls and WhatsApp messages from two numbers, which end with 1715 and 2167.  The Scamster are posing to be teachers and asking for the students’ names on the pretext of adding them to the WhatsApp Groups. The scamster then sends forms links to the WhatsApp groups and asking students to fill out the form to seek more sensitive information.

Do’s

  • Do Make sure to verify the caller.
  • Do block the caller while finding it suspicious.
  • Do be careful while sharing personal Information.
  • Do inform the School Authorities while receiving these types of calls and messages posing to be teachers.
  • Do Check the legitimacy of any agency and organisation while telling the details
  • Do Record Calls asking for personal information.
  • Do inform parents about scam calling.
  • Do cross-check the caller and ask for crucial information.
  • Do make others aware of the scam.

Don’ts

  • Don’t answer anonymous calls or unknown calls from anyone.
  • Don’t share personal information with anyone.
  • Don’t Share OTP with anyone.
  • Don’t open suspicious links.
  • Don’t fill any forms, asking for personal information
  • Don’t confirm your identity until you know the caller.
  • Don’t Reply to messages asking for financial information.
  • Don’t go to a fake website by following a prompt call.
  • Don’t share bank Details and passwords.
  • Don’t Make payment over a prompt fake call.
Ransomware Trends 2024: Insights for Global Cybersecurity Readiness
Ransomware Trends 2024: Insights for Global Cybersecurity Readiness
10
December 31, 2024

Disclaimer:

This report is based on extensive research conducted by CyberPeace Research using publicly available information, and advanced analytical techniques. The findings, interpretations, and conclusions presented are based on the data available at the time of study and aim to provide insights into global ransomware trends.

The statistics mentioned in this report are specific to the scope of this research and may vary based on the scope and resources of other third-party studies. Additionally, all data referenced is based on claims made by threat actors and does not imply confirmation of the breach by CyberPeace. CyberPeace includes this detail solely to provide factual transparency and does not condone any unlawful activities. This information is shared only for research purposes and to spread awareness. CyberPeace encourages individuals and organizations to adopt proactive cybersecurity measures to protect against potential threats.

CyberPeace Research does not claim to have identified or attributed specific cyber incidents to any individual, organization, or nation-state beyond the scope of publicly observable activities and available information. All analyses and references are intended for informational and awareness purposes only, without any intention to defame, accuse, or harm any entity.

While every effort has been made to ensure accuracy, CyberPeace Research is not liable for any errors, omissions, subsequent interpretations and any unlawful activities of the findings by third parties. The report is intended to inform and support cybersecurity efforts globally and should be used as a guide to foster proactive measures against cyber threats.

Executive Summary: 

The 2024 ransomware landscape reveals alarming global trends, with 166 Threat Actor Groups leveraging 658 servers/underground resources and mirrors to execute 5,233 claims across 153 countries. Monthly fluctuations in activity indicate strategic, cyclical targeting, with peak periods aligned with vulnerabilities in specific sectors and regions. The United States was the most targeted nation, followed by Canada, the UK, Germany, and other developed countries, with the northwestern hemisphere experiencing the highest concentration of attacks. Business Services and Healthcare bore the brunt of these operations due to their high-value data, alongside targeted industries such as Pharmaceuticals, Mechanical, Metal, Electronics, and Government-related professional firms. Retail, Financial, Technology, and Energy sectors were also significantly impacted.

This research was conducted by CyberPeace Research using a systematic modus operandi, which included advanced OSINT (Open-Source Intelligence) techniques, continuous monitoring of Ransomware Group activities, and data collection from 658 servers and mirrors globally. The team utilized data scraping, pattern analysis, and incident mapping to track trends and identify hotspots of ransomware activity. By integrating real-time data and geographic claims, the research provided a comprehensive view of sectoral and regional impacts, forming the basis for actionable insights.

The findings emphasize the urgent need for proactive Cybersecurity strategies, robust defenses, and global collaboration to counteract the evolving and persistent threats posed by ransomware.

Overview:

This report provides insights into ransomware activities monitored throughout 2024. Data was collected by observing 166 Threat Actor Groups using ransomware technologies across 658 servers/underground resources and mirrors, resulting in 5,233 claims worldwide. The analysis offers a detailed examination of global trends, targeted sectors, and geographical impact.

Top 10 Threat Actor Groups:

The ransomware group ‘ransomhub’ has emerged as the leading threat actor, responsible for 527 incidents worldwide. Following closely are ‘lockbit3’ with 522 incidents and ‘play’ with 351. Other Groups are ‘akira’, ‘hunters’, ‘medusa’, ‘blackbasta’, ‘qilin’, ‘bianlian’, ‘incransom’. These groups usually employ advanced tactics to target critical sectors, highlighting the urgent need for robust cybersecurity measures to mitigate their impact and protect organizations from such threats.

Monthly Ransomware Incidents:

In January 2024, the value began at 284, marking the lowest point on the chart. The trend rose steadily in the subsequent months, reaching its first peak at 557 in May 2024. However, after this peak, the value dropped sharply to 339 in June. A gradual recovery follows, with the value increasing to 446 by August. September sees another decline to 389, but a sharp rise occurs afterward, culminating in the year’s highest point of 645 in November. The year concludes with a slight decline, ending at 498 in December 2024 (till 28th of December).

Top 10 Targeted Countries:

  1. The United States consistently topped the list as the primary target probably due to its advanced economic and technological infrastructure.
  2. Other heavily targeted nations include Canada, UK, Germany, Italy, France, Brazil, Spain, and India.
  3. A total of 153 countries reported ransomware attacks, reflecting the global scale of these cyber threats

Top Affected Sectors:

  1. Business Services and Healthcare faced the brunt of ransomware threat due to the sensitive nature of their operations.
  2. Specific industries under threats:
    1. Pharmaceutical, Mechanical, Metal, and Electronics industries.
    2. Professional firms within the Government sector.
  3. Other sectors:
    1. Retail, Financial, Technology, and Energy sectors were also significant targets.

Geographical Impact:

The continuous and precise OSINT(Open Source Intelligence) work on the platform, performed as a follow-up action to data scraping, allows a complete view of the geography of cyber attacks based on their claims. The northwestern region of the world appears to be the most severely affected by Threat Actor groups. The figure below clearly illustrates the effects of this geographic representation on the map.

Ransomware Threat Trends in India:

In 2024, the research identified 98 ransomware incidents impacting various sectors in India, marking a 55% increase compared to the 63 incidents reported in 2023. This surge highlights a concerning trend, as ransomware groups continue to target India's critical sectors due to its growing digital infrastructure and economic prominence.

Top Threat Actors Group Targeted India:

Among the following threat actors ‘killsec’ is the most frequent threat. ‘lockbit3’  follows as the second most prominent threat, with significant but lower activity than killsec. Other groups, such as ‘ransomhub’, ‘darkvault’, and ‘clop’, show moderate activity levels. Entities like ‘bianlian’, ‘apt73/bashe’, and ‘raworld’ have low frequencies, indicating limited activity. Groups such as ‘aps’ and ‘akira’ have the lowest representation, indicating minimal activity. The chart highlights a clear disparity in activity levels among these threats, emphasizing the need for targeted cybersecurity strategies.

Top Impacted Sectors in India:

The pie chart illustrates the distribution of incidents across various sectors, highlighting that the industrial sector is the most frequently targeted, accounting for 75% of the total incidents. This is followed by the healthcare sector, which represents 12% of the incidents, making it the second most affected. The finance sector accounts for 10% of the incidents, reflecting a moderate level of targeting. In contrast, the government sector experiences the least impact, with only 3% of the incidents, indicating minimal targeting compared to the other sectors. This distribution underscores the critical need for enhanced cybersecurity measures, particularly in the industrial sector, while also addressing vulnerabilities in healthcare, finance, and government domains.

Month Wise Incident Trends in India:

The chart indicates a fluctuating trend with notable peaks in May and October, suggesting potential periods of heightened activity or incidents during these months. The data starts at 5 in January and drops to its lowest point, 2, in February. It then gradually increases to 6 in March and April, followed by a sharp rise to 14 in May. After peaking in May, the metric significantly declines to 4 in June but starts to rise again, reaching 7 in July and 8 in August. September sees a slight dip to 5 before the metric spikes dramatically to its highest value, 24, in October. Following this peak, the count decreases to 10 in November and then drops further to 7 in December.

CyberPeace Advisory:

  1. Implement Data Backup and Recovery Plans: Backups are your safety net. Regularly saving copies of your important data ensures you can bounce back quickly if ransomware strikes. Make sure these backups are stored securely—either offline or in a trusted cloud service—to avoid losing valuable information or facing extended downtime.  
  2. Enhance Employee Awareness and Training: People often unintentionally open the door to ransomware. By training your team to spot phishing emails, social engineering tricks, and other scams, you empower them to be your first line of defense against attacks.  
  3. Adopt Multi-Factor Authentication (MFA): Think of MFA as locking your door and adding a deadbolt. Even if attackers get hold of your password, they’ll still need that second layer of verification to break in. It’s an easy and powerful way to block unauthorized access.  
  4. Utilize Advanced Threat Detection Tools: Smart tools can make a world of difference. AI-powered systems and behavior-based monitoring can catch ransomware activity early, giving you a chance to stop it in its tracks before it causes real damage.  
  5. Conduct Regular Vulnerability Assessments: You can’t fix what you don’t know is broken. Regularly checking for vulnerabilities in your systems helps you identify weak spots. By addressing these issues proactively, you can stay one step ahead of attackers.

 

Conclusion:

The 2024 ransomware landscape reveals the critical need for proactive cybersecurity strategies. High-value sectors and technologically advanced regions remain the primary targets, emphasizing the importance of robust defenses. As we move into 2025, it is crucial to anticipate the evolution of ransomware tactics and adopt forward-looking measures to address emerging threats. 

Global collaboration, continuous innovation in cybersecurity technologies, and adaptive strategies will be imperative to counteract the persistent and evolving threats posed by ransomware activities. Organizations and governments must prioritize preparedness and resilience, ensuring that lessons learned in 2024 are applied to strengthen defenses and minimize vulnerabilities in the year ahead.

Become a part of our vision to make the digital world safe for all!

Numerous avenues exist for individuals to unite with us and our collaborators in fostering  global cyber security

Awareness

Stay Informed: Elevate Your Awareness with Our Latest Events and News Articles Promoting Cyber Peace and Security.

CyberPeace Corps Induction Workshop
The Missing Link Trust to combat online child trafficking
Cyber Safety Carnival
Safer Internet Day 2023
Indian schools and colleges under digital siege: Massive cyber breach crisis exposed
Over 2 lack cyberattacks, 4 lakh data breaches hit Indian educational institutions in 9 months
Lessons in Cybersecurity Required: 2 Lakh Cyberattacks Shake Indian Education Sector in Just Nine Months
2 lakh cyberattacks, 4 lakh data breaches in Indian educational sector in 9 months

Engagement

Your institution or organization can partner with us in any one of our initiatives or policy research activities and complement the region-specific resources and talent we need.

Discover ways to collaborate
Request for Proposals

Play your part for CyberPeace

Donate to us directly to help us build more pioneering initiatives.

Donate Now