Security Education, Security Management

Hacker High – Why we *need* to teach hacking in school

Posted on by Ron Woerner in Security Education, Security Management

This rant is in response to Quinn Norton’s opinion piece from May 20, 2014, “Everything is Broken.”  (Link: https://medium.com/message/81e5f33a24e1)

<rant>

I have a simple solution that’s hard to implement: TEACH HACKING IN HIGH SCHOOL*! Yes, you heard it right. We need to teach our kids all about technology. Including how to break it and how to fix it. It’s incredible how little they really know. To them it’s PFM (Pure Frickin’ Magic). We won’t solve this problem with our adults. That’s why we need to get the kids involved. The problem is that they think they understand technology, but it’s only how to use it. Many (most) are clueless about systems & network administration as well as security. “Dad, the computer’s broken again…” I don’t think this is just my teenage kids.

The curriculum development is easy; adoption is hard. This is for three reason:

1.  Cyber isn’t included in the common core curriculum, so they don’t have time to teach it as a primary subject. They try to teach it on the side with limited affect. The problem is also with our government officials who don’t see cyber as important. A fun study would be to see how many government leaders are proficient in technology. My hypotheses is that it’s less than 10%.

2.  We don’t have teachers qualified to cover it and the good computer folks don’t want to take the huge pay cut. [At my daughter’s middle school, cybersecurity is taught by history and English teachers… I’ve volunteered many times to come into their classrooms and hear crickets…] It’s often that the teachers don’t know what they don’t know and are afraid to look ignorant if they ask for help. [NOTE: There are some fantastic teachers out there doing great work. This doesn’t apply to them. The problem is that they are the minority. They are also limited by what they can do and what they can teach.]

3.  There’s no standard curriculum for Information Technology or cybersecurity. It’s up to the teacher to develop his/her own, which is therefore based on his/her knowledge. (See #2.) Local school boards are responsible for deciding what’s included in their schools curriculum, but they don’t seem to understand cyber. Another fun study would be to see how many school board members are proficient in technology. My hypotheses is that it’s less than 20%.  We need a standard cyber curriculum for the teachers to work from.  It should be broad enough to allow flexibility for the teachers, yet cover primary topics of how the technology works.

We need to find a way to teach IT and cybersecurity to our kids starting in elementary school and then throughout middle and high school. The problem is that we’re blocked by adults who don’t understand the necessity.  The solution is out there people.  For example, see staysafeoneline.org and stopthinkconnect.org.  We just need to use it.

Help spread the word that we need to TEACH HACKING IN SCHOOLS. Talk to your local school board and elected officials.

*NOTE: I use the broad definition of hacking, meaning developing a curiosity on how things work. It’s not the malicious kind. When teaching hacking, ethics must be included. The intent is to keep the kids out of the orange jumpsuits (even if it’s the new black).

</rant>

[This rant reflects my opinion and not necessarily the views of my employer. ]