Understanding the K-12 Cybersecurity Learning Standards

Cybersecurity is a rapidly growing career that can lead to well-paying jobs for students interested in applying their technical and problem-solving skills to issues of privacy and safety. Cybersecurity as a field, or area of study, should be understood as the collective methods, technologies, and processes that are used to help protect against criminal or unauthorized use of electronic data. This field offers students an opportunity to explore the importance of their own digital citizenship to ensure their own security. Pursuing a career in cybersecurity means that students will be encouraged to question their own technology usage as it relates to understanding the responsible use of technology on a grander scale, whether that be within a company, government agency, or so forth. With rapidly advancing technologies and an increasing amount of data available online - this career path is likely to see continued demand.

Currently, there are just over 1.1 million individuals employed in the cybersecurity industry with an estimated 769,736 project openings in 2022. The state of cybersecurity education in the US has seen rapid shifts to accommodate growing demands for this cyber workforce. CYBER.ORG, an academic initiative of the Cyber Innovation Center, is a current leader in providing K-12 students with early access to cybersecurity education in order to prepare them for the cyber workforce of tomorrow. They completed a national survey of 918 K-12 educators, reporting that three-quarters of educators say their students have a medium or high level of interest in learning more about cybersecurity careers and career paths.?

This report also showed that the gap identified between available cybersecurity jobs and the workforce qualified to fill them may be attributed to both a student and educator's lack of knowledge, awareness, and engagement with the field.

Our team at CS for Success is just one of many organizations that recognize the important role that cybersecurity plays in today’s world and also our future. That is why we have partnered with CYBER.ORG to better understand their resources to make cybersecurity education accessible to all K-12 students and educators.

To get started, we’re looking at the National K-12 Cybersecurity Learning Standards.

Why are the National K-12 Cybersecurity Learning Standards important?

As the first national effort to align cybersecurity learning criteria across all 50 states, the K-12 Cybersecurity Learning Standards aim to build a strong, more diverse talent pipeline to protect U.S. national security and maintain U.S. competitiveness on the world stage, while helping address the cybersecurity workforce shortage. According to Kevin Nolten, ?Vice-President of the Cyber Innovation Center, “The National K-12 Cybersecurity Learning Standards are critical to providing the next generation of students with the skills and knowledge to pursue cybersecurity careers, ultimately helping solve the cybersecurity workforce gap…For the first time, educators have a roadmap for uniformly teaching cybersecurity to students in each grade band across the country. We are thankful to all our partners who dedicated their time to making the standards an incredible success and look forward to helping states adopt the standards in the coming year.”

How to Use the K-12 Cybersecurity Learning Standards

The key to effectively using any set of learning standards is knowing how to interpret them.. Many learning standards are visualized as a progression of skills that build from one year to another, creating a picture of what a student should know and be able to do to achieve mastery of a concept and the K-12 Cybersecurity Learning Standards are no different in that regard.?

CYBER.ORG has designed their standards such that the Core Concepts - Computing Systems (CS), Digital Citizenship (DC), and Security (SEC) - represent major concepts or “big ideas” fundamental in cybersecurity education. Each Core Concept is divided into multiple Sub Concepts that represent specific ideas within that Core Concept.

Each Sub Concept is further subdivided into multiple Topics which represent specific content areas within that Sub Concept and Core Concept e.g. the? Internet of Things (IoT) covered within CS, Threat Actors covered within DC, and Cryptography covered within SEC. The standards are then arranged by grade band: K-2, 3-5, 6-8, 9-12

Using an example from the SEC Core Concept, you can see how the standards within the Access Control Topic progress across grade bands.

How to Unpack the K-12 Cybersecurity Learning Standards

The goal of unpacking standards is to create a map of prior knowledge and skills mastered and to identify the learning concepts contained in the current standard. Fortunately, there are many ways to extract this information so you may teach from a standard. Ultimately, unpacking a set of learning standards will allow you to develop new content and curriculum or do a deep dive into preexisting coursework.?

To get you started, we have created an easy-to-use template to assist with the unpacking process. Given that CYBER.ORG has developed their learning standards in a way that it is easy to identify Core Concept → Sub Concept → Topic → Standard, completing the unpacking process should take no more than 5 minutes per standard within your identified grade band! You’ll want to make sure to have the? K12 Cybersecurity Learning Standards on hand when completing this templating to make this process as streamlined as possible.

So, let’s test it out. if we were to use the same example from the SEC Core Concept and ACC Topic that we saw outlined above, what would it look like to complete this template and unpack this standard for 3rd - 5th grade?

The first step to completing this template is identifying the standard you want to unpack - in this case, the 3rd - 5th grade standard for SEC.ACC.? Once you’ve identified the standard you want to unpack, place it into the green box of the template. Next, write the Identifier, Concept, Subconcept, and Topic in the appropriate areas within the template. This information will help keep you focused on ensuring students understand that their information should be protected and they have to right to grant or withhold access to it.

At this point, your template should look something like this:

If we dig into our K12 Cybersecurity Learning Standards, we need to identify the Clarifying Statement for this standard and place that in the box directly below the green box in the Explanation. This information helps you better understand the standard and gives you suggestions for activities.?

Now you’ll want to unpack the standard to identify what exactly students need to master. To do this you will underline the verbs and circle (or bold) the noun phrases. The verb will describe the way students will prove mastery. The noun phrase is what students need to know.

Before you start to fill in information for the New Knowledge and New Skills, take a look at the standard(s) that come before the one you are working on. In our example, the standard that comes before is: K-2.SEC.ACC Define access to private information. Take a beat to compare the two standards. In this case, students should already know what private information is. If students have already covered that standard in kindergarten, then you will just remind students of that learning. If they haven’t gotten that learning, you’ll have to cover it in your activity.

We’re almost done unpacking the standard! Only two more steps to go – before we continue, let’s take a look at our template up to this point.

So what's left? To finish the unpacking process, you will review the standard and explanation to identify the New Knowledge and New Skills students need to attain. Lastly, you will create authentic activities and opportunities for students to learn the material and practice the skill. Let's take a look at what this will look like for our example:

...And that's it! You've successfully unpacked your first K-12 cybersecurity learning standard using our unpacking template.

With this tool for unpacking learning standards, you will be able to create a lesson that addresses what students need to know and be able to do to master any of the K-12 Cybersecurity Learning Standards.?

Have questions about getting started with the K-12 Cybersecurity Learning Standards? Contact us at [email protected].

About CYBER.ORG

CYBER.ORG, formerly the National Integrated Cyber Education Research Center (NICERC), is a cybersecurity workforce development organization that targets K-12 students with cyber career awareness, curricular resources and teacher professional development. The United States Department of Homeland Security (DHS) supports CYBER.ORG through a grant from the Cybersecurity Infrastructure and Security Agency (CISA) to develop and distribute cybersecurity education content to educators across the country at no cost. Currently, more than 27,000 teachers across all 50 states and three U.S. territories are enrolled in the CYBER.ORG content platform. For more information, please visit https://www.CYBER.ORG.

CS for Success is preparing students to be leaders in a technologically advanced society -- we aim to create a more equitable, accessible, and inclusive landscape for high school computer science education. Learn more now.