Teaching Cybersecurity to Kids

Frankie Wallace

As people who grew up without cell phones, tablets, and computers, today’s parents have — at least generally speaking — learned to be skeptical of technology. We understand that there was a world before it, and we lived through some of the earliest threats (like Y2K, the Target hack, the Equifax data dump, and more). This skepticism can be a good thing because non-digital natives don’t take cybersecurity for granted: millions have been burned too many times before.

Although kids have an advantage in their almost innate grasp of the concepts of technology, they’re still kids. Their naivete puts them at a disadvantage when it comes to security in general and particularly on the internet. What’s worse, they often use the internet in secret. Some of the more shocking statistics show that 86% of girls aged 12-17 say they can chat online without their parents’ knowledge. Additionally, 57% say they can get into their parents’ email, which helps them circumvent parental controls.

By teaching children cybersecurity basics — including both the why and how — adults can prepare them for the risks they face and what to do when they encounter them. Plus, kids who grow up with a strong foundation in these practices can even begin to fill the cybersecurity skills shortage and help keep everyone safe.

Kids Are at Greater Risk than You Think

Kids aren’t online using banking or filing their taxes. They play games, watch TV, and chat with their friends. However, just because they generate less sensitive personal and financial data doesn’t mean that they aren’t targets. Moreover, they might not be aware that their present digital lives can hurt them or their families. Indeed, their propensity to use the internet in secret as a means of gaining privacy and independence can make it harder for you to stop what’s happening if need be.

All children (and their parents) should have a basic understanding of how to protect their identities online. Teaching kids to use anonymous screen names, strong passwords, and to be wary of strange apps and emails is important. Adults could do with a refresher, too: Dashlane, a password protection SaaS, analyzed 61 million publicly-available passwords and found that most passwords are alarmingly weak. These are basic security hygiene practices that everyone can improve upon. These practices will help protect them from issues both today and in the future, like scams and identity theft.

Beyond these basic issues, kids are also the targets of cyber predators and cyberbullying. While anyone who has ever been on Twitter knows that bullying is an epidemic, teachers consider it to be their primary safety concern in the classroom. Teaching students cybersecurity can help insulate them from the worst effects of cyber harassment — including doxxing and threats — which often looks frighteningly similar in the classroom as it does in the boardroom.

The School’s Role in Teaching Cybersecurity is Crucial

Learning cybersecurity — both generally and as part of a career path — is something that benefits kids from a very young age. Moreover, teachers and schools can play a huge role in teaching them both privacy principles and the technologies that keep them safe. What is important is that the principles only go so far: abstract knowledge starts the conversation, but it doesn’t help kids practically develop the skills and reflexes to avoid potentially harmful situations.

Teachers can start by modeling good cybersecurity, particularly given that being tech-savvy is now a job requirement for teachers. A teacher’s ability to successfully integrate cybersecurity into the classroom is particularly important because, according to Malwarebytes 2019 State of Malware report, education is a high-value target for cybercriminals. What’s more, computer use at school is far more supervised than it is at home, which presents opportunities for kids to develop good habits that they carry into their home lives.

But schools also need help: they face myriad challenges including gaps in curricula, outdated devices, lack of funding, and the need to adhere to Children’s Online Privacy Protection Act (COPPA) laws. Then there’s the issue of there being only so much time in the day. A cybersecurity program needs to be part of the mainstream curriculum — not a workshop. Taking a page from higher ed by integrating emerging technologies into everyday learning, secondary and elementary educators can make both ed-tech and cybersecurity second nature to their students.

Why a National Cybersecurity Education Policy Could Help

It’s one thing to suggest that teachers begin to teach cybersecurity in schools. However, given the prevalence of cybersecurity issues and the way they impact children, it could be equally helpful for both state governments and the federal government to lead the way. Indeed, this would help ensure that they receive a comprehensive and equitable education.

There are already training and curriculum assistance programs available. The U.S. Department of Homeland Security offers the Cybersecurity Education Training Assistance Program (CETAP) for K-12 teachers. The grant develops and distributes free cybersecurity curricula to educators around the U.S.

Similar practices are already in place elsewhere. Spain introduced a new law to complement the EU’s General Data Protection Regulation (GDPR). It includes clauses on the importance of teaching cybersecurity in schools. The law also identifies the course content as being an important opportunity for kids to learn how to use the internet in a respectful, responsible, and safe way.

Laws like these demonstrate to schools that cybersecurity is not only needed for kids with an interest in STEM. It begins to treat privacy and security as a basic human right that kids are entitled to. As a result, it would also create the impetus for funding for teacher training and equipment to make cybersecurity curriculum a reality.

Children’s Privacy Needs Help Now

Society teaches kids to look both ways before crossing the street and tells them not to take candy from strangers. However, in the internet age, children face digital threats, too, and it’s an adult’s job to protect them.

Schools are an ideal place to formulate kids’ conception of cybersecurity. It not only allows them to learn the basic principles but to form good habits and learn the evolving technologies related to cybersecurity. However, cybersecurity can’t be a one-day workshop; It needs to be a fundamental part of the curriculum and be available not only to kids with an interest in STEM but also kids who just want to watch YouTube videos and use Snap.

Helping kids protect their digital lives provides them with the tools to use the internet respectfully and responsibly as adults. It is an opportunity to not only ensure kids grow up to avoid the challenges their parents faced in the early years of the internet, but also to be the change we want to see online.