All Articles Education Edtech 3 steps for teaching cybersecurity in the classroom 

3 steps for teaching cybersecurity in the classroom 

Here's how a school district in Texas with limited cyber-savvy taught cybersecurity to its junior-high and high-school students.

5 min read


3 steps for teaching cybersecurity in the classroom 


Students live much of their lives online, especially now with the transition to remote learning. Cybersecurity skills are a must. They need to understand how to safely navigate this digital world, taking advantage of its offerings while avoiding the dangers of its darker corners.

Our district, Hurst-Euless-Bedford Independent School District in Bedford, Texas, launched its first cybersecurity class for seventh-grade students in 2018. When we began our journey, there were no cybersecurity experts among the teaching staff — we just had a sense of urgency to provide a high-quality curriculum for our students. We wanted to equip them with skills they could use now and take into the workforce. We discovered, an organization aimed at K-12 cybersecurity education and workforce development. We worked with them to create a program, based on three core principles, that has become a training ground for our students. 

Laying the Groundwork 

Several cyber curricula are available for grades 9-12 but none that begin at the junior high or middle school level so we built our own. It’s designed for grades 7 and 8. We wanted to give students a foundation of cybersecurity knowledge and skills that would prepare them for high school coursework and later, industry certifications. 

Our curriculum features a sequence of concepts from the first-level high school cybersecurity course taught in the ninth grade. It takes into account the preexisting knowledge and the maturity level of the student. Concepts include Hardware/Operating Systems, Software (including malware), Networks, Coding, Cryptography, Digital Citizenship/Cyber Safety, Career Explorations and Ethics/Law (including ethical hacking). We then focused our professional development efforts in these areas.

Vertical Alignment

Cybersecurity curriculum is rigorous; it can be intimidating for educators who have no background in the field. Our vertical program — concepts presented in sequence over three years — aims to remove the fear factor. It breaks complex ideas into smaller concepts, making it easier for teachers and students to gain confidence and mastery.  

In our program, we introduce a concept in seventh grade, expand on it in eighth grade, then assess for mastery in ninth grade, using the Texas Essential Knowledge and Skills for the Foundations of Cybersecurity Course as our guide. For example, in the Cryptography track, students spend their seventh grade year learning the basics — what cryptography is, its purpose and why data needs to be encrypted. The following year, they research historical uses of cryptography and investigate different methods, including shift ciphers, substitution ciphers and Morse code ciphers. In ninth grade, students create their own ciphers and compete in an ethical hacking competition to demonstrate mastery of the concept.  

Strong Support System hosts the Cyber Education Discovery Forum, a three-day event, held each summer, for K-12 educators who teach cybersecurity programs. Breakout sessions and full-day workshops outlined tactics for teaching different security topics, getting students interested and exposing them to potential career opportunities in this field. 

I attended the Cyber Fundamentals with micro:bit workshop. It taught the basics of block-based coding using the micro:bit, a pocket-sized programmable computer. This is perfect for our elementary-school computer-science students. We are considering ways we can use this tool to introduce coding and cyber concepts in the early grades, then build on those ideas in junior-high school.

We leaned heavily on support for our program rollout. They fielded questions about the curriculum and walked us step-by-step through the answers. And when we requested additional research materials — to better understand the curriculum and implement it properly — they were quick to supply us with what we needed. 

Considering a program like this for your school? Here are some lessons we learned from our experience.

  • No cyber skills or experience? No problem. You don’t need to put together a team of cybersecurity or coding experts for your entry-level classes. These are learnable skills, with the proper professional development. Teachers who are curious, eager and enjoy a challenge are perfect candidates.
  • Choose the right partner. Get a partner like that works closely with you and tailors PD to your needs. Our workshops were aligned to our skill level and curriculum goals. Attendees were even able to switch workshops, at any time, to make the most of their time. 
  • Consider teaching in small group settings. This is rigorous material. Working in small groups helps make students — especially our English-language learners — feel more comfortable and willing to ask questions.
  • Keep it real world. Integrate current events into your lessons and classroom discussions. Our students knew that we were training them for industry certifications. That goal was always in their sights. It not only helped keep them motivated, it put everything we did into a real-world context.

Kiera Elledge is the STEM coordinator for the Hurst-Euless-Bedford Independent School District in Bedford, Texas. She has recently focused on developing and implementing a three-year cyber curriculum for two of the district’s five junior high schools.  


Like this article? Sign up for SmartBrief on EdTech to get news like this in your inbox, or check out all of SmartBrief’s education newsletters, covering career and technical education, educational leadership, math education and more.