Grok Academy’s CyberSteps program has helped train 170,000 Australian students already. Credit: skynesher / Getty Images A computer science academic at Sydney University, and associate professor James Curran’s research was in computational linguistics. One of the programs he ran was the 27-year-old National Computer Science School. That was where he came across students and teachers who were enthusiastic about IT but did not have the technical skills they needed to pursue IT positions.To help address that, in 2012 Curran was one of the authors of the Australian Curriculum for Digital Technologies, which he described as a huge opportunity but also eye-opening. He tells CSO Australia that one of the challenges is that, yes, a new curriculum can be created — but the teachers need to be trained in what they are expected to teach. And when it comes to technology, the training onus is more challenging as the technology is constantly changing.“It’s very rare that we’d really introduce a whole new subject into schools. Computing has been one of those,” Curran says. “What a mathematics teacher learned at university to teach maths will probably set you up your entire career. [But] if you are one of the few computing teachers who actually had a computing background then you can throw away a chunk of what you’ve learned every few years,” he says.That is especially true for cybersecurity. Curran says that when he studied there was a unit on the subject, whereas now there are entire degrees on it. This continuous change in technology is a real challenge for the school system. Addressing that challenge is how he came to create Grok Academy, a not-for profit organisation focused on advancing computer education formed from two other organisations Curran set up: Grok Learning and the Australian Computing Academy at the University of Sydney.What Grok Academy offers students and teachersGrok Academy recently launched phase 2 of CyberSteps, a project that aims to facilitate access to cybersecurity learning. It provides a series of free online activities and challenges that help equip teachers to teach cybersecurity knowledge to students but that can also be taken by the students themselves whenever they want. An earlier version of the program saw 170,000 students taking part of the activities, which start with basic topics such as knowing not to reuse passwords, to use passphrases, and two-factor authentication to more complex knowledge such as introductory cryptography, web application security, and network security.Grok Academy also runs webinars and offer online resources for teachers to help with their professional development. These include lesson plans, teacher notes, solutions, and other materials teachers need to be able to deliver the content with confidence.The content is recorded by professionals themselves, which, Curran says, helps school kids across the country associate what they are learning to, very often, well-paid jobs done by people who love what they are doing.Reaching regional and remote communitiesEverything has been designed so schools and students with reasonable internet access can do the challenges, and Curran says there is already many kids in regional and remote Australia doing the activities. “We’ve been careful in the platform as a whole, and in these particular activities to keep the bandwidth under control so that they are suitable for most schools,” he says.“If you are a kid in a regional area, you may not know someone who’s an IT professional of any kind. We strongly believe the ‘You can’t be what you can’t see’ mantra, and a key part of the challenge is the fact that we’ve got a range of people in a range of cybersecurity roles and backgrounds and demographics — from new grads through to the chief information security officers themselves — presenting this material so that every child can think ‘that could be me in a few years’ time’,” Curran says.The future of CyberStepsCyberSteps has entered the second phase of the project, which now includes events called Cyber Live, which are massive infrastructure-attack scenarios. The first one used the V-class destroyer HMAS Vampire, parked in Darling Harbour, in Sydney. A scenario had the kids to free the captain as the Vampire has been taken over by hackers. The captain can’t get off the ship, the weapon systems have been taken over, and this one attack is part of a larger worldwide global infrastructure attack that students are trying to resolve. Future versions of the curriculum are expected to address increased concerns over cybersecurity and privacy.CyberSteps is backed by the Department of Industry, Science, Energy, and Resource through the Cyber Security Partnership Fund and by the Australian Signals Directorate. In June 2021, it was awarded $1.8 million from the Cyber Security Skills Partnership Innovation Fund. It also counts on support from the big four banks—ANZ, Commonwealth, Westpac, and NAB—as well as from Amazon Web Services, British Telecom, and Canberra-based Fifth Domain.This support is not only done financially but also through supporting the platform that teachers and students access free of charge and developing the activities, including the content taught, how it is described to ensure that it’s been done consistently with language used in the industry, and case studies.The activities start for Years 5 and 6 and up to Years 11 and 12. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe