Cyber Security (QCT OneChannel Webinar with James Curran and Bruce Fuda)

This was a webinar presented by Prof James Curran and Bruce Fuda from the Australian Computing Academy who developed the [Schools Cyber Security Challenge](https://aca.edu.au/projects/cyber-challenges/. It was run by the QCT and hosted by @Anna. The focus is on cybersecurity.

A key distinction:

  • Cyber Safety: protecting the well-being of people (e.g., cyberbullying)
  • Cyber Security: protection of data and infrastructure

Great resources about cybersafety:



The focus of today is Cyber Security

  • It’s a national focus (e.g., because of scams)
  • It is now mandatory learning for students (Digitech: managing access to data, data privacy; ICT General Capability: applying social and ethical protocols and practices)

The ACA provides full curriculum mappings for everything here.

The ACA Cyber Security Challenges (link)

  • Covers the technical and non-technical aspects of cyber security (skills, problem solving, career options)
  • Free for students in years 7-12 (funding by AustCyber and industry)
  • Self-paced, automated marking and feedback (through GrokLearning)
  • A set of challenges

Information security (first challenge)

  • Information privacy and security through scenarios involving social media
  • Complements existing resources in schools
  • No programming required to participate
  • Suitable for pastoral care or IT classes in years 4-6

Cyber Sharing Cards Activity (for students)

  • Download the cards from here
  • This is an activity about what is and isn’t okay to share online
  • It lasts 1-2 hours and is appropriate for Years 5-6, 7-8, 9-10, 11, 12
  • It’s all mapped to the curriculum and is a really engaging activity
  • Examples: Is it okay to share your name? Is it okay to share your town/city? Your banking PIN? Your email?
  • They have a “ShareAware” poster that goes with the cards that you can get here

The Cyber Security Challenges are through the Grok Learning platform

  • The platform is really quite beautifully designed
  • Activities look like this, with a fake phone environment, which students find to be hugely engaging (it prompts exactly the right conversations)
  • The learning experience uses a fake Insta and Facebook “phone app” (on a fake phone) that helps students to “get” the concepts in a real world concept (as in this picture)
  • Examples of things like where: (you leak some information) and (a friend or family member leaks linked information) together gives away far too much (e.g., an address)
  • Parents are some of the worst offenders when it comes to leaking TMI online!
  • It’s got a mix of media: videos with professionals and then challenge questions
  • Students also get to see from an attacker’s perspective how their information might be exploited

Making good passwords is another activity in the cyber security challenge

  • Strong recommendations are to use a password manager to use two-factor authentication
  • These are the best defense available
  • This does take a bit more time, but it’s worth doing, especially for sensitive information (e.g., your email accounts and your banking details)
  • There are challenges where students get to take the role of an attacker, e.g., using data leaks combined with social media to find out someone’s personal details and passwords
  • The upshot is that you can be at risk (from leaks) even if you’ve done nothing wrong
  • Use a long passphrase rather than symbols and uppercase symbols

Overview of topics and challenges in the Cyber Security Challenges (in GrokLearning)

  • All of these are mapped to the Australian Curriculum
  • Web application security (what are web apps, why security matters, authentication, authorisation) [Year 7/8 but usable to Year 12; Good complement to HTML/CSS unit]
  • Simple tips for browsing online (checking a URL; looking for HTTPS and certificates)
  • Data encryption (crypto ciphers, data representation) [No programming needed, fits into IT classes, ideal for Years 7/8 but can be to Year 12]
  • Why is cryptography important? (security during transmission, security during storage)
  • Network security (how data is structured, routing protocols, man in the middle attacks, public key encryption, simulated network with micro:bit) [Fits into Year 9/10 IT classes]

Note: lots of great A1-sized posters (about browsing safely, about info sharing, about cryptography) are available on the ACA website here if you scroll down the page

To hear more from Bruce and James you can subscribe to the ACA here or on their website: https://aca.edu.au/