Dive Brief:
- Cyber.org, the academic arm of the nonprofit Cyber Innovation Center, on Wednesday unveiled its K-12 cybersecurity learning standards in an effort to align criteria nationwide and support the development of a strong, diverse talent pipeline in the high-demand STEM field.
- The standards, which states will have the option of adopting ahead of the 2022-23 school year, are built around three themes representing fundamental areas of cybersecurity education: computing systems, digital citizenship and security. Each area covers relevant topics like the Internet of Things and threat actors.
- "Educators now have a clear rubric to guide cybersecurity curriculum and help address the existing gaps in the talent pipeline," said Janet Hartkopf, cyber program director at Basha High School in Arizona's Chandler Unified School District, in a press release. The U.S. currently has over 464,000 unfilled cybersecurity positions.
Dive Insight:
The new K-12 cybersecurity learning standards have been touted as the first of their kind by Cyber.org as the nation faces both a growing number of advanced cyberattacks and a skills gap for professionals in the space.
Each core concept contains sub-concepts and topics, with standards for each arranged by grade bands that define understanding for K-2, 3-5, 6-8 and 9-12. The document also includes eight different approaches to implementation for teachers, school districts, state departments of education and informal education partners.
"For the first time, educators have a roadmap for uniformly teaching cybersecurity to students in each grade band across the country," said Kevin Nolten, director of academic outreach at Cyber.org, in a press release. "We are thankful to all our partners who dedicated their time to making the standards an incredible success and look forward to helping states adopt the standards in the coming year."
Cybersecurity education is increasingly critical not just for students interested in pursuing future careers in the field, but for practical knowledge in daily life and other career paths. K-12, for example, is among the most popular targets for hackers due to growing technology adoption and the increasingly digital nature of classrooms outpacing what budgets allow for when it comes to hiring cybersecurity personnel and procuring resources needed for adequate protection.
A report issued earlier this year by the K-12 Cybersecurity Resource Center found 2020 was a "record-breaking" year for cyberattacks against U.S. schools, with 408 publicized incidents marking an 18% increase over 2019.
Close to half of reported K-12 incidents involved data breaches and leaks (36%) and ransomware (12%), while 45% fell into an "other" category including unattributed malware, digital class and meeting invasions, website and social media defacement, and a variety of "related and/or low-frequency incidents."
According to results from the Consortium for School Networking's 2020 State of EdTech Leadership Survey, cybersecurity also remains the No. 1 technology priority for IT leaders, with 69% of districts reporting they're "proactive" or "very proactive" in maintaining network security.
Aside adopting more robust cybersecurity resources, additional steps districts can take to mitigate risks include conducting regular cybersecurity audits and performing drills in which a fake phishing email is sent to students and staff to educate what not to click on or open. Students and staff alike should also be educated on the importance of regularly changing and strengthening passwords and using two-factor authentication.