Education and Skills

Should cybersecurity be made part of the school curriculum?

Students are increasingly at risk of cyberthreats

Students are increasingly at risk of cyberthreats Image: Annie spratt/Unsplash

Kapil Mehta
Chief Financial Officer, Allied Digital Services
Our Impact
What's the World Economic Forum doing to accelerate action on Education and Skills?
The Big Picture
Explore and monitor how Education is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


  • Lockdowns and quarantines from the COVID-19 pandemic has led to a drastic reorganization of global education, with many education institutions relying heavily on digital devices for teaching.
  • Cyberattacks, though, are on the rise in the education sector.
  • Education institutions should develop cyber action plans and include a cybersecurity curriculum into all their teaching.

The COVID-19 pandemic and the subsequent rapid digital transformation of society is leading to a drastic reduction of the use of pen and paper in our classrooms. Students are, increasingly, using digital devices in their studies.

What many may not know, though, is that our students are increasingly at risk. Microsoft’s Global Threat Activity Tracker detected over eight million malware incidents between July and August 2020 — with education being the most affected industry. Research from Microsoft shows, in fact, that 61% of reported malware encounters came from the education sector.

Have you read?

School and home networks are easy targets for cybercriminals. Internal and external threats can infringe and endanger education institutions, students, and their homes, with devastating consequences.

Leaders in the education sector should take a proactive approach by prioritizing important changes in how they protect their student’s and staff’s data. Through a proactive game plan, schools can thwart attacks by prioritizing key areas to limit the damage that can be inflicted by an inevitable cyber threat.

K-12 schools are increasingly hit by cyberattacks
K-12 schools are increasingly hit by cyberattacks Image: K-12 Security Information Exchange

Cyberattacks in the education sector continue to rise. Since 2016, there have been 855 reported cyber incidents American schools. Nearly 348 attacks occurred in 2019 alone - a three-fold increase from the year before.

Why are students being targeted?

Educational institutions, specifically public K-12 schools, are soft targets for unprincipled hackers. Students who may act carelessly, or who are unaware of cyber threats, could open easy doorways for hackers to infiltrate school networks. While a lot of resources are being spent to equip workforces with the knowhow against cyberthreats, little is being done to educate students in this regard. Schools should, as a first port of call, avoid:

  • Unauthorized disclosure of student data
  • Breaches that disturb operational processes
  • Phishing that gets access to credentials and potential misuse
  • Damage to existing systems. Ransomware could be a threat depending on the institution

With cybersecurity being a major threat to entire economic systems, it is worth considering whether or not it should be taught as part of the curriculum in schools.


What is the World Economic Forum doing to improve digital intelligence in children?

Formulating a cyber-response action plan for an education institution

The first step in formulating a cyber-response action plan, is identifying the talent at your disposal. From the perspective of the education institution, there often is a knowledge and experience gap in how to respond to cyber threats. Most schools don’t have employees who have the expertise to effectively manage cybersecurity and develop training modules for the school to utilise.

If we're going to effectively equip children with knowledge on the perils of cyberattacks, education institutions should include a cybersecurity curriculum from as early as the sixth grade. Such an initiative needs to be implemented at a government level and in collaboration with key stakeholders. To execute the plan successfully, teachers will need to be properly trained.

Governmentally approved training courses can be developed and initiated with the help of industry partners. Education institutions should be empowered to independently incorporate cybersecurity into their operations and curriculum.

How children are introduced to the internet is a critical element for success. They need to be educated and made aware of the dangers of accessing the internet from early on. Families may need to work in tandem with schools to diligently communicate the importance of cyber security.

Curbing and controlling cyber incidents is critical for our education system. Not doing so could have major socioeconomic implications. It is time for our government's and education ministers to start budgeting for cybersecurity action plans and curriculum's. Effective enforcement will rely on having clear objectives, good management, and proper collaboration with stakeholders.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
Education and SkillsCybersecurity
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

How to harness generative AI and other emerging technologies to close the opportunity gap

Jeff Maggioncalda

June 21, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum