As the ed tech coordinator and mobile integration specialist of Eanes Independent School District in Austin, Texas, cybersecurity is very much top of mind for Brianna Hodges. While topics including cyber safety and student privacy have always played roles in the district, the technology students now use regularly in the 1:1 district has changed.
That’s why Hodges believe it’s crucial students are taught to think more about how they’re engaging with technology in their lives. And she knows that requires more than just giving children a quick lesson once a year.
“We understand that the conversation needs to be part of the curriculum,” she told Education Dive. “There isn’t an off-the-shelf curriculum that we can use.”
Before you click 'yes' or flip the switch
Most students in the U.S. now have access to computers in their homes — up to 94% of children ages 3 to 18 as of 2015 do, according to the National Center for Education Statistics, which also notes 61% of this population has online access as well. This makes knowing how to safely navigate the internet even more crucial.
Hodges said even adults can make mistakes when they quickly jump onto their devices, download an app, and agree to the terms and conditions without going through the fine print and knowing what they’ve consented to follow.
That’s exactly what she hopes to encourage teachers to think about, as well as what she expects they’ll teach their students, when Eanes ISD launches its new cybersecurity program during the 2019-20 school year. Some of the lessons are already at play, such as what middle school kids are taught during a robotics class at West Ridge Middle School, where Jason Spodick encourages them to think about privacy and drone laws, Hodges said.
Bringing a quadcopter into the classroom, Spodick presses his students to consider camera drones in particular. While they may be fun to play with in a backyard, a neighbor may have a different opinion if one flies across the fence and peers into their home.
“[These lessons] have been really powerful,” Hodges said.
Home economics updated
Making cybersecurity lessons stick — like the way middle school students are learning about privacy and drones — is crucial, said Kelvin Coleman, the newly-tapped executive director of the National Cyber Security Alliance (NCSA), based in Washington, D.C. The organization runs a website called Stay Safe Online that's loaded with suggestions, such as a downloadable Digital New Year’s Resolution Tip Sheet.
To Coleman, the days when people could leave technology know-how in the hands of so-called experts are in the past. Instead, he said, knowing how to stay secure online is as necessary as knowing how to make a phone call, tie a shoe or boil water.
“We need to be looking at cybersecurity like how people once looked at home [economics],” Coleman told Education Dive. “It’s one of these essential skills that you need to get through today’s life.”
Coleman, who took the helm at the NCSA in December 2018, is adamant that high school is too late for students to get their first lesson on how to keep their smartphones, laptops and other connected devices safe. Instead, he encourages administrators and curriculum designers to start looking at how to weave these lessons into elementary school classes, as “that’s where a lot of kids are starting that technology journey,” he said.
To start, Coleman admits that while young children may not understand malware, they certainly can comprehend the idea of getting sick. Just as students learn how to wash their hands to keep from spreading germs, they can certainly grasp that they need to keep their technology clean so as not to spread viruses to other devices.
For older students — and administrators, too — pushing to create a strong password is always a good starting point. While many students may have smartphones and laptops that open with biometric triggers such as fingerprints, there’s almost always a need for written passwords to unlock apps. If someone has a harder password to crack, a “bad actor is likely to move on to an easier one,” he said.
Finally, Coleman encourages people to adopt the phrase, "When in doubt, throw it out." Practicing what he preaches, Coleman recently got an email with a link from colleagues that looked a bit odd to him. He made a quick call to his staff, and they assured him the email was normal.
"That took all of 10 seconds to ask, 'Is this really something I can trust?'" he said.
In some cases, University of Dayton Associate Provost and CIO Thomas Skill notes, it may be difficult to get through to students — particularly those born after 1995, which is certainly anyone who would be attending a K-12 school today. These students, colloquially referred to as Generation Z, are considered "digital natives," having never known a time when they couldn’t connect to the internet.
This fluency with the connected world gives them a high comfort level with the technology, but there are areas where they are still naive, said Skill, also a professor in the university's communications department. They may have strong gaming and social media skills, but that doesn’t mean that they understand the risks that populate the online world.
"I would say kids today are kind of an interesting contradiction that, in one sense, they’re very savvy about some things, and yet very naive about others," Skill told Education Dive. "They’re not savvy about risks."
At the University of Dayton, Skill launched a marketing campaign in 2016 dubbed "A Year of Safe Computing." People developed newsletters and blogs, wrapping them with humor and cartoons to transform cybersecurity from something to fear into a conversation. That approach is easily translatable into lessons for K-12 students, certainly those in their high school years — and perhaps something elementary and middle schools must do as well.
“We need to be teaching them how to be sufficiently cautious, not being too horrific so they can’t be online, but by building a computer savviness,” he said. “I think we have a responsibility to augment all these experiences they have.”