Calls for five year old students to learn how to protect themselves online

22 Feb 2023
  • Top of page
  • Main text
  • More on this topic
Young boy sitting alone in front of a computer screen
Experts say it is too late to educate students about fundamental aspects of cybersecurity in years 11 and 12.

If Optus, Telstra, and Medibank aren’t safe from cybercrime, who is?

More children than ever are using the internet, and they’re using it younger than ever before.

Now, a new report led by Edith Cowan University (ECU) Associate Professor and Security Research Institute (SRI) Deputy Co-Director Dr Nicola Johnson has recommended additional consultation around cybersecurity curriculum needs to occur.

“We need to start early with five-year-olds. We need to get the curriculum ‘right’ for WA. There is a need to educate people from a young age to protect themselves from common cybersecurity threats,” Dr Johnson said.

Cybersecurity curriculum mapping

The Cyber Security Cooperative Research Centre 2022 report determined that WA school children might miss out on learning key cybersecurity skills in the current curriculum.

“Exactly what needs to be taught surrounding cybersecurity needs to be very clear within the curriculum. Teachers need professional learning to help them teach cybersecure behaviour effectively and confidently.

While primary students are taught about the dangers of using the internet and how to be safe online, the report pointed to the vagueness of what is to be covered in the new version of the Australian Curriculum.

“It is only in year 11 and 12 elective subjects that students are taught what is now fundamental aspects of cybersecurity; this is too late,” Dr Johnson explained.

In year 11, students completing Computer Science as a part of their WA ATAR are required to learn the role of ethical hacking in network security, penetration testing, encryption, and two-factor authentication.

“There is a strong case for this key knowledge as well as Australian privacy principles and laws to be explicitly taught at much younger ages, given how cyber criminals so quickly and creatively come up with new ways to scam our citizens.”

Securing the future of cybersecurity

Australia is experiencing a critical shortfall in the cybersecurity workforce.

Recognised by the Federal Government as the fastest growing employment sector with an estimated 17,000 new jobs by 2026, Dr Johnson says more intensive cyber security teaching in schools could ease future shortages.

“By teaching content typically learned in senior secondary to younger children, we can reduce both future job shortages and the enormous cost of cybercrime,” Dr Johnson said.

“We acknowledge that for these changes to be implemented, attention needs to be given to resourcing, particularly in regional schools. This can be achieved by further consultation with industry providers and the Australian Cyber Security Centre (ACSC).”

Dr Johnson is co-facilitating stakeholder consultation workshops at the end of November. Interested participants should make contact.

The report was compiled with research from Edith Cowan University staff including Dr Nicola Johnson, Deputy Co-Director of the Security Research Institute (SRI), Associate Professor of Digital Technologies in Education, School of Education, Dr Leslie Sikos, SRI/School of Science, Dr Ahmed Ibrahim, SRI/School of Science, and Dr Cheryl Glowrey, School of Education.

The project is supported by the Government of Western Australia, the Office of Digital Government (DGov), under its participation in Cyber Security Cooperative Research Centre (CSCRC). ECU and SRI performs research and development as the CSCRC’s research provider.

The work has been supported by the Cyber Security Research Centre Limited whose activities are partially funded by the Australian Government’s Cooperative Research Centres Programme.