December 18, 2018 By Kacy Zurkus 3 min read

In an effort to raise cybersecurity awareness and help both school districts and teachers develop security-based curricula, the National Institute for Cybersecurity Education (NICE), part of the National Institute of Standards and Technology (NIST), hosted two consecutive conferences this fall.

These back-to-back conferences brought experts from industry and academia together to share creative strategies to help educators teach youngsters how to change their “naughty” online behaviors into good cyber hygiene.

The NICE Conference in Miami was held in November, followed by December’s NICE K12 Cybersecurity Education Conference in San Antonio, which introduced some innovative technologies as well as multiple trainings to help schools make students more aware of how to protect themselves online and the many career paths available to them in cybersecurity.

Let the Youth Lead Cybersecurity Education

I had the pleasure of speaking at the NICE K12 Cybersecurity Education conference on how to create a cyber-aware classroom, but my presentation was just one of many and paled in comparison to that of the keynote speaker, Kyla Guru, a 16-year-old high school junior from Illinois who is the founder and CEO of Bits ‘N Bytes Cybersecurity Education (BNBCE), a youth-built nonprofit that provides suggestions for day events and classroom discussions.

Also among Guru’s list of notable cybersecurity education resources are CommonSenseMedia, CodeHS Cybersecurity, Facebook Security Centre and (ISC)2.

In her work over the past few years, Guru has seen that students are increasingly encouraged to take at least one computer science course starting in middle school, and are subsequently guided to pursue the subject with a progression of courses in high school.

Implement Student-Created Curricula

What’s unique about the BNBCE curriculum is that it’s created by youth. The nonprofit offers lessons on encryption, privacy policies, digital citizenship, data breaches, passwords and social engineering, all of which are organized by age group.

“BNBCE also produces animated videos tailored for each school’s core values and principles, as well as conducts outreach events and runs biweekly research-based blog posts on relevant cybersecurity concepts for the classroom. We would love to support schools as they integrate cyber in their classroom discussions,” Guru said.

How to Break Google’s Influence on a Generation

Recognizing that her generation is digitally driven and has been raised to consider “Googling” as sufficient research, Guru said it is critical that the time young people spend using technology as their new medium for discovery and exploration be spent securely and safely so they can learn without limitation.

“K–12 students are by far the greatest consumers of digital information there are. In fact, a recent survey showed that 82 percent of Generation Z shares that Instagram, Snapchat, Buzzfeed and other social media sites are their primary news sources,” Guru said.

Engage Students in Cyber Awareness

In the Cyber Day 4 Girls workshop, hosted by IBM in advance of the NICE K12 Cybersecurity Education conference, young women in grades six through nine had a chance to learn how to protect their online identities and internet-connected devices while working alongside some impressive female role models who are already studying and working in cybersecurity.

Attendees also heard about the defensive hacking curriculum created by IBM and Hacker High School (HHS), and how to infuse ethical hacking skills across the curriculum, which was presented by HHS director Kim Truett.

Learn more about Hacker High School

Industry Professionals: Step Up

Clearly, educators and students alike are doing their part to move the cybersecurity needle forward, but industry leaders also play a critical role in helping to raise cybersecurity awareness and education among today’s youth.

In his presentation to audience members at the Miami conference, Eduardo Cabrera, chief cybersecurity officer at Trend Micro, talked about the need for more partnerships between enterprises and the K–12 sector.

“We have to rethink what we are doing around cybersecurity education, not only from an awareness and hygiene perspective, but also from the perspective of establishing a permanent pipeline of talent from K–12 that feeds into higher education,” Cabrera said.

What would that actually look like, though? According to Cabrera, one model that could work is what has been happening with DevOps. “There is a concept or movement around DevOps that is speeding up the cycle, taking plays out of the playbook of agile development and looking at the partnerships required between operators, developers and testers. These microservices are creating smaller, quicker sprints. We need to move toward a DevOps model of workforce development.”

Rather than operating in silos, all connected parties can work together. “The operators are the industry, developers are educators and the testers are certifying bodies,” Cabrera said.

Teaching cybersecurity is not solely about STEM and technical skills, either, Cabrera said. “Soft skills are becoming equally as important as technical skills. We have a rock-star employee when they can be technical but equally as skilled at communicating and storytelling.”

Cybersecurity isn’t just about defending one’s digital footprint, after all, but is just one piece of a network of protection for the whole person. To teach the best, most complete self-defense is to teach the whole student — not just the computer-savvy parts.

More from Data Protection

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today