Should Aussie kids be taught cyber security in school?

Share:

Share on facebook
Share on twitter
Share on linkedin

How young is old enough to start learning about cyber security? 

Kids are effectively born with an iPad or smartphone in their hand these days, but aren’t taught about the potential dangers they could encounter online until much later in life (if at all!)

The body in charge of Australia’s national curriculum, ACARA, is proposing to teach children aged 5 to 16 about online safety and privacy. 

The cybersecurity lessons would be made appropriate for each individual age group, and introduce different concepts to students at various levels of learning. 

The changes would see a new “considering privacy and security” sub-strand added to the digital technologies component of the curriculum, which more broadly covers how data and digital systems work. 

In the proposed new sub-strand, students throughout their time at school would learn, among other things: 

  • Privacy and how to manage their digital footprint, including what not to share,
  • The importance of and how to use security controls, like unique passwords and multi-factor authentication,
  • How to manage other people’s data,
  • How to identify and avoid common cybersecurity threats, like clicking on pop-ups.
By the end of year 10, students would be able to explain penetration testing and ethical hacking.


The curriculum would see kindergartners [pdf] taught how to tell people they don’t want their photo, full name, or date of birth taken or shared; to ask permission from a parent/caregiver before they enter personal details online; and how to identify the difference between personal/ private and public data. 

By the end of year 10 [pdf], students should be able to explain penetration testing and ethical hacking, how to effectively protect data at home and at work, how a password manager works, and how the Australian privacy principles should be applied to data, among other things. 

The changes would make Australia one of the first countries globally to include basic cybersecurity education in its school systems. 

The draft curriculum is in public consultation until July 8 and requires approval by the Australian government. The national curriculum is not mandatory for use by states and territories, but all implement aspects of it within their own education systems as appropriate. 

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.