Cybersecurity Education by State

Although most pursue cybersecurity training and education after graduating from high school, cybersecurity is important to education at all of its levels – not just higher education. Education presents a unique challenge for cybersecurity, as it has traditionally been based upon the free exchange of information that is, and should be, available to all. Add that fact to the millions of students and staff across the nation who have not been trained in protecting their data or staying safe online, as well as the increase in online educational methods and strategies, and you can see why cybersecurity is such a vital part of education.

K-12 Cyber Education at the State Level

Despite what many claim, it is not true that public schools have not changed much over the years. True, the structure of K-12 school systems at the elementary and secondary levels has remained fairly unchanged, but the way that things are done has become drastically different. As our society is evolving into an increasing dependence upon technology, states are becoming more and more involved in providing cybersecurity education for children ages kindergarten through 12th grade. (For further, detailed information on this exciting phenomenon, check out our K-12 Cybersecurity Education Guide).

Unfortunately, more needs to be done by states to ensure cybersecurity education for their K-12 students. A recent survey by discovered that less than half of K-12 students were receiving any cyber education at school at all. Schools with lower-income students received even less cyber education than those with higher-income students.

The K-12 Cybersecurity Resource Center was launched in 2018 as a free, independent service to the K-12 community by the consulting firm EdTech Strategies, LLC. It notes that the number of K-12 students in the United States with access to broadband has increased from four million in 2013 to 44.7 million by 2018. This is largely because school systems are now much more reliant on information technology in order to facilitate learning.

Additionally, the K-12 educational technology market has created another source of income for technology and cybersecurity companies. According to the K-12 Cybersecurity Resource Center’s report, during 2018, most cyber incidents occurring at public schools occurred because of unauthorized data disclosures due to human error, unauthorized data disclosures of data held by vendors/outside parties, unauthorized access to data by students themselves, or unauthorized access to data by unknown external actors. Half of the breaches reported in 2018 were carried out by members of the school community, either knowingly or unknowingly. These breaches were often addressed by outside cybersecurity companies, creating new customers for them and, more business.

Also in 2018, there were 122 cyberattacks reported at 119 K-12 public education institutions, averaging to a cyberattack every three days. The education sector is the industry that ranked last in cybersecurity safety in a report published by Security Scorecard in 2018. Schools are suffering the identity thefts of students and faculty, as well as stolen intellectual property and a high cost for reconciling these data breaches, when they do occur (estimated at $141 per remediation of every leaked record).

It is believed that better cybersecurity education at the K-12 level, for both educators and students, can mitigate some of these cyber incidents. If teachers and students know what to do to protect themselves and their data, as well as what to look out for when using technology, they can better combat risks and prevent them from turning into incidents.

Cybersecurity Higher Education at the State Level

Cybersecurity programs at colleges and universities are proliferating, based on the great need for a trained talent pool to fill the many available jobs within the discipline. In1999, the National Security Agency (NSA) and the Department of Homeland Security (DHS) saw the need for excellence in cyber education at the post-secondary level. They created the National Centers of Academic Excellence in Cyber Defense (CAE-CD) program to reduce vulnerability in the U.S. national information infrastructure, through promoting the best cyber education and research in cyber defense, producing professionals with the talent needed to fill the gap.

As of 2020, there are 200 CAE in CD Education (CAE-CDE) programs at the Associate, Bachelor’s, Master’s and Doctoral levels. There are also 21 CAE in Cyber Operations (CAE-CO) programs, at the undergraduate and graduate levels. These programs are more technically-based than the CDE programs.

In addition to these outstanding college and university programs, there are many other cybersecurity, information security, information assurance and more programs available at our nation’s higher education institutions. These programs, while not CAEs, are still highly recommended, as long as they are accredited by agencies recognized by the U.S. Department of Education.

Consult our guide to Cybersecurity Scholarships to see how you can find help in paying for your cyber education!

Cyber Research at Universities

Additionally, the NSA has designated 77 CAE in CD Research (CAE-R) programs as of 2020. These programs are so noted as they increase the understanding of cyber defense technology, policy, and practices that help the United States to prevent and respond to cyber events.

Our nation’s colleges and universities are involved in some of the most cutting-edge cyber research that is being done anywhere. Just a few recent examples in the news include:

  • Researchers from Penn State, George Mason University, Dartmouth College and the University of Michigan were recently awarded a $500,000 grant extension to continue their cyber defense research into building solutions to combat cyberattacks.
  • Texas A&M University-San Antonio recently received a $1 million grant to create a Cyber Engineering Technology/Cyber Research Center
  • Northrop Grumman Corporation gave the University of Colorado, Colorado Springs $70,000 to conduct research on cyber protection in 2014
  • Stanford University’s initiative to understand cyberspace, cybersecurity and the challenges of networked information was supported by a $15 million grant from the William and Flora Hewlett Foundation.

Free and Low-Cost Cybersecurity Education Online

The National Initiative for Cybersecurity Education (NICE) maintains a list of constantly updated online cybersecurity courses and trainings that are either free or cost very little. The categories of trainings and courses that they list include:

  • Career and Professional Development
  • Employee Awareness Training
  • Educator Training and Curriculum
  • K12 Education and Games

These can provide a good foray into cybersecurity, for children or for those who are thinking of a career change. Test the waters to see if cybersecurity might be right for you!

Cybersecurity Higher Education in Europe

If you are inclined to study cybersecurity abroad, your choices are not limited. The European Union Agency for Cybersecurity (ENISA) has compiled a database of 105 undergraduate and graduate cybersecurity programs across 23 countries. This searchable database may be found here. Examples of some programs that are listed include:

  • Laurea University of Applied Sciences, Espoo, Finland – Bachelor’s Degree in Business Information Technology (Cybersecurity Specialization)
  • Masaryk University, Brno, Czech Republic – Master’s Degree in Computer Systems, Communication and Security (Information Security Specialization)
  • University of Salerno, Italy – Bachelor’s Degree in Diplomatic, International and Global Security Studies
  • Universite Grenoble Alpes, France – Master’s Degree in Cybersecurity