DEF CON 32 Cybersecurity Schoolhouse Rock Avi McGrady

Almost since the internet was made widely available to the general public, average technology users have fallen prey to threats from malicious spam, malware, phishing, smishing, scams, fraud, and ransomware. In most of the US, primary and secondary education (in the US, comprising kindergarten through 12th grade) now incorporate computing technology as an integral part of the classroom, and some families introduce computing platforms to children in their toddler and preschool years. Despite our society's growing dependence on computing technology in the world of education, there remain no national standards or curricula for the teaching of data privacy or information security principles. This disconnect sets future generations up for failure, and a continuation of a cycle of ignorance that perpetuates cybercrime victimization. This presentation makes the case that schools must adopt and incorporate concepts of data privacy, information security, defense against fraud and phishing, and internet safety, in age-appropriate ways, into lesson plans at all grade levels. Further, school districts and independent schools must take steps to protect themselves from the threat of ransomware, data breaches, and other forms of criminal activity.