In an effort to raise cybersecurity awareness and help both school districts and teachers develop security-based curricula, the National Institute for Cybersecurity Education (NICE), part of the National Institute of Standards and Technology (NIST), hosted two consecutive conferences this fall.

These back-to-back conferences brought experts from industry and academia together to share creative strategies to help educators teach youngsters how to change their “naughty” online behaviors into good cyber hygiene.

The NICE Conference in Miami was held in November, followed by December’s NICE K12 Cybersecurity Education Conference in San Antonio, which introduced some innovative technologies as well as multiple trainings to help schools make students more aware of how to protect themselves online and the many career paths available to them in cybersecurity.

Let the Youth Lead Cybersecurity Education

I had the pleasure of speaking at the NICE K12 Cybersecurity Education conference on how to create a cyber-aware classroom, but my presentation was just one of many and paled in comparison to that of the keynote speaker, Kyla Guru, a 16-year-old high school junior from Illinois who is the founder and CEO of Bits ‘N Bytes Cybersecurity Education (BNBCE), a youth-built nonprofit that provides suggestions for day events and classroom discussions.

Also among Guru’s list of notable cybersecurity education resources are CommonSenseMedia, CodeHS Cybersecurity, Facebook Security Centre and (ISC)2.

In her work over the past few years, Guru has seen that students are increasingly encouraged to take at least one computer science course starting in middle school, and are subsequently guided to pursue the subject with a progression of courses in high school.

Implement Student-Created Curricula

What’s unique about the BNBCE curriculum is that it’s created by youth. The nonprofit offers lessons on encryption, privacy policies, digital citizenship, data breaches, passwords and social engineering, all of which are organized by age group.

“BNBCE also produces animated videos tailored for each school’s core values and principles, as well as conducts outreach events and runs biweekly research-based blog posts on relevant cybersecurity concepts for the classroom. We would love to support schools as they integrate cyber in their classroom discussions,” Guru said.

How to Break Google’s Influence on a Generation

Recognizing that her generation is digitally driven and has been raised to consider “Googling” as sufficient research, Guru said it is critical that the time young people spend using technology as their new medium for discovery and exploration be spent securely and safely so they can learn without limitation.

“K–12 students are by far the greatest consumers of digital information there are. In fact, a recent survey showed that 82 percent of Generation Z shares that Instagram, Snapchat, Buzzfeed and other social media sites are their primary news sources,” Guru said.

Engage Students in Cyber Awareness

In the Cyber Day 4 Girls workshop, hosted by IBM in advance of the NICE K12 Cybersecurity Education conference, young women in grades six through nine had a chance to learn how to protect their online identities and internet-connected devices while working alongside some impressive female role models who are already studying and working in cybersecurity.

Attendees also heard about the defensive hacking curriculum created by IBM and Hacker High School (HHS), and how to infuse ethical hacking skills across the curriculum, which was presented by HHS director Kim Truett.

Learn more about Hacker High School

Industry Professionals: Step Up

Clearly, educators and students alike are doing their part to move the cybersecurity needle forward, but industry leaders also play a critical role in helping to raise cybersecurity awareness and education among today’s youth.

In his presentation to audience members at the Miami conference, Eduardo Cabrera, chief cybersecurity officer at Trend Micro, talked about the need for more partnerships between enterprises and the K–12 sector.

“We have to rethink what we are doing around cybersecurity education, not only from an awareness and hygiene perspective, but also from the perspective of establishing a permanent pipeline of talent from K–12 that feeds into higher education,” Cabrera said.

What would that actually look like, though? According to Cabrera, one model that could work is what has been happening with DevOps. “There is a concept or movement around DevOps that is speeding up the cycle, taking plays out of the playbook of agile development and looking at the partnerships required between operators, developers and testers. These microservices are creating smaller, quicker sprints. We need to move toward a DevOps model of workforce development.”

Rather than operating in silos, all connected parties can work together. “The operators are the industry, developers are educators and the testers are certifying bodies,” Cabrera said.

Teaching cybersecurity is not solely about STEM and technical skills, either, Cabrera said. “Soft skills are becoming equally as important as technical skills. We have a rock-star employee when they can be technical but equally as skilled at communicating and storytelling.”

Cybersecurity isn’t just about defending one’s digital footprint, after all, but is just one piece of a network of protection for the whole person. To teach the best, most complete self-defense is to teach the whole student — not just the computer-savvy parts.

More from CISO

Everyone Wants to Build a Cyber Range: Should You?

In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need to drill their plans based on real-world conditions and using real tools, attacks and procedures. What’s driving this increased demand? The increase in remote and hybrid work models emerging from the COVID-19 pandemic has elevated the priority to collaborate and…

Why Quantum Computing Capabilities Are Creating Security Vulnerabilities Today

Quantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate. Indeed, quantum computing poses an existential risk to the classical encryption protocols that enable virtually all digital transactions. Over the next several years, widespread data encryption mechanisms, such as public-key cryptography (PKC), could become vulnerable. Any classically encrypted communication could be wiretapped and is…

6 Roles That Can Easily Transition to a Cybersecurity Team

With the shortage of qualified tech professionals in the cybersecurity industry and increasing demand for trained experts, it can take time to find the right candidate with the necessary skill set. However, while searching for specific technical skill sets, many professionals in other industries may be an excellent fit for transitioning into a cybersecurity team. In fact, considering their unique, specialized skill sets, some roles are a better match than what is traditionally expected of a cybersecurity professional. This article…

Laid Off by Big Tech? Cybersecurity is a Smart Career Move

Big technology companies are laying off staff as market conditions change. The move follows a hiring blitz initially triggered by the uptick in pandemic-powered remote work — according to Bloomberg, businesses are now cutting jobs at a rate approaching that of early 2020. For example, in November 2022 alone, companies laid off more than 52,000 workers. Companies like Amazon and Meta also plan to let more than 10,000 staff members go over the next few years. As noted by Stanford…