A Year 7 Cyber Security Lesson Plan

THE CHALLENGE

How do we create and test a lesson plan for 11-12 year-olds, that introduces them to concepts of cyber security, in a way that is non-technical, intuative, self-directed and contextual to their generation?

MOTIVATION (by Patrick B, from CyberFirst)

Hi there everyone. I’m Patrick, part of the UK government’s CyberFirst programme. I work in a team that does things that try to improve the cyber resilience of young students, as well as trying to nurture and grow a talent pathway into cyber careers. That is pretty complicated when we don’t have national curriculums that focus on preparing our youth with the real-life digital skills and expertise, beyond online safety tips and advice. Those students also need access to free platforms and resources that would allow them to consolidate their learning with hands on and legal opportunities to practice and learn. So that is what I’m working on.

AIMS (by Patrick B, from CyberFirst)

Specifically, what I want help with is a way to build something that begins to address that priority need. That is, how to start getting students thinking about cyber in relation to their own lives, so they can be more resilient in the way they secure their own devices, identities, and accounts.

The target age range

The education system as a whole gives few opportunities to get something extra into the school day, and once subjects and study paths are chosen, there is very little space at all!

OBJECTIVES (by Patrick B, from CyberFirst)

The solution I have started working, on targets students coming into KS3 (11 – 14 year-olds starting secondary education), so year 7 in the UK. While primary schools could eventually play its part in this solution, they are not part of the current plan, for scale and infrastructure reasons.

The existing product

What I have started to develop is a basic cyber hygiene course, taking students through the process of setting up a new smart phone, and letting them balance the threat, the cyber risk, with the options they can choose.

Basically, connect to the internet, authenticate to the device, downloads apps, create accounts and set their authentication choices, update any software, and finally be aware of internet footprints.

The end product will be 6 lesson/session plans, to help curate a journey for the students that goes beyond them being told what to do, but more how to understand both attack and defence methodologies really work, with hands on consolidation opportunities where possible. Students need to be encouraged to learn how to learn, so they have a strategy for engaging with any changes in technology, threat or defence options.

Call to action

What do I want from you? People to review the curated content, which will all be open source and publicly available. Why? To sanity check the content and signposted resources, to suggest different links or labs that may be better, as well as check we have covered the most essential elements in what we have prioritised. This is the start of a series of products but in particular the first step in helping everyone get the heads around cyber learning for the citizen.

So please join this special interest group and lets get cracking!

PROBLEM BOOK DOMAIN

Learning and Teaching in Cyber Security

SUBMITTED BY

Patrick B; CyberFirst NCSC