North Dakota has become the first state to require computer science and cybersecurity education for all K-12 students.
Gov. Doug Burgum and North Dakota School Superintendent Kirsten Baesler celebrated the governor’s signing of HB1398, which requires the teaching of computer science and cybersecurity and the integration of these content standards into school coursework from kindergarten through 12th grade. Baesler said North Dakota is the first state in the nation to approve legislation requiring cybersecurity education.
“Today is the culmination of years of work by stakeholders from all sectors to recognize and promote the importance of cybersecurity and computer science education in our elementary, middle and high schools,” Baesler said at the bill’s signing ceremony on March 24.
“Our vision is to integrate and underscore the importance of computer science and cybersecurity instruction into the classes our students take as they move through our K-12 system,” Baesler said. “Under this bill, the information and knowledge our students need will be part of every grade level, which is appropriate when you consider the role that technology plays in our everyday lives.”
EduTech, a division of North Dakota Information Technology that provides information technology support and professional development for K-12 educators, will develop examples of cybersecurity and computer science education integration plans that may be used to assist local schools develop their own plans.
Burgum said HB1398 was in keeping with his administration’s emphasis on developing student and citizen knowledge of computer science and cybersecurity, which he described as “one of the most pressing issues that we have in North Dakota.” The administration’s PK-20W initiative, with its vision of “Every Student, Every School, Cyber Educated,” aims to ensure students have the skills and know-how to succeed in a technology-driven economy.
“Our students have more access than ever to computers and technology devices in our schools. It’s crucial that our students also learn cyber safety skills,” Burgum said. “The ability to manage technology is also important in helping our North Dakota students to get good jobs. Employers look for students who have the skills to take on tech challenges and cyberattacks, and complete daily tasks using technology devices.”
Burgum has encouraged North Dakota’s young people to pursue careers in computer science, cybersecurity and technology, including the promotion of Cyber Madness school tournaments and Girls Go Cyberstart competitions in North Dakota’s schools.
Last year, the governor announced that any North Dakota resident may take online classes in cybersecurity, networking, programming, and other subjects to bolster their knowledge, improve their job skills, and explore whether they want to pursue a technology career. “North Dakota Citizens Skills for All” is offered by the Cisco Networking Academy through EduTech.
Baesler said HB1398 was the capstone of work that began in 2015, when the Department of Public Instruction formed a working group of legislators and other stakeholders to craft a vision for K-12 education’s computer science and cybersecurity instructional needs.
Since then, in collaboration with other state agencies, business and industry experts, families, teachers and administrators, the NDDPI has led the development of K-12 computer science and cybersecurity academic content standards, and cybersecurity and computer science credentials for educators to add to their teaching licenses.
HB1398 grew directly from the November 2021 special legislative session, when lawmakers directed Baesler to “collaborate with workforce development stakeholders and the K-12 Education Coordination Council to determine how best to integrate computer science and cybersecurity into elementary, middle, and high school.”
Baesler and Burgum thanked the bill’s primary sponsor, House Majority Leader Mike Lefor of Dickinson, and its other sponsors: Rep. Glenn Bosch, R-Bismarck, the House assistant majority leader; Rep. Cynthia Schreiber-Beck, R-Wahpeton, the vice chairwoman of the House Education Committee; Rep. Anna Novak, R-Hazen; and Rep. Emily O’Brien, R-Grand Forks, as well as Republican Senate sponsors Dean Rummel of Dickinson, David Rust of Tioga and Shawn Vedaa of Velva.
“It was the leadership of this group of sponsors that helped HB1398 get the overwhelming support it had in the House and Senate,” Baesler said.
HB1398 was approved 81-11 in the House on Feb. 16, and 44-1 in the Senate March 16.
“This is a significant move by Governor Doug Burgum, not more feel-good window dressing, as it mandates student instruction in ‘computer science, including cybersecurity,’ at the same level as mandates for reading, writing, history, and arithmetic,” said Jack Danahy, VP of strategy and innovation at NuHarbor Security. “It’s a meaningful addition to the national discussion on cybersecurity because it acknowledges the central role that computing plays in today’s economy and society. None of those other traditional subjects can even be taught in the present age without secure, reliable, systems.”
The most meaningful gap in most people’s cybersecurity knowledge is one of language and concepts. If I were to define either of those curricula, I’d start with presenting the language of cybersecurity. What actually is a data breach? What conditions create opportunities for successful attacks, and what are the differences between the well-known attack types? Why are unique passwords or MFA a requirement in today’s environment, and what happens when someone’s credentials get stolen?
This style of education, informing about the nature of cybersecurity exposures and the appropriate means of closing them, is far more valuable than the usual discussions of the newest or most damaging attacks. As an example, everyone understands that ransomware is a problem, but few people would be able to describe the reasons why ransomware is so disruptive, and can the “same” type of attack both destroy data and publicly release it.
Cybersecurity education tends to veer almost instantly to technology, whether for attacks or defense. To make a real difference, state and local leaders should approach these introductory efforts to create a common language and understanding about cyber threats and the potential mitigations. These leaders, and members of their own staff, know many of the topics. Their service providers can enrich those topics with broader experience and the types of real-world examples that keep classes exciting and interesting.
This story contains material from a press release.