CISA funds expanding access to cybersecurity programs at HBCUs, K-12 schools

Black communities across the U.S. are increasingly being targeted with an array of scams, attacks and disinformation campaigns, prompting several efforts to kick into high gear to address the issue. 

One effort from workforce development organization CYBER.ORG is looking to kill two birds with one stone through an initiative called Project Reach – a feeder program created to recruit K-12 students to pursue undergraduate cybersecurity degrees and bolster the U.S. cybersecurity workforce.

With the help of funding from the Cybersecurity and Infrastructure Security Agency (CISA), the program was built to address the more than 760,000 cybersecurity positions currently open and increase awareness about cybersecurity issues more generally. 

Project Reach initially started last year with a National Security Agency-funded pilot at Grambling State University. Cybersecurity lessons were integrated into the curricula at three high schools in Louisiana including Woodlawn High School, Huntington High School and Southwood High School. 

The goal was to raise students’ foundational and technical skills in cybersecurity, according to Corisma Akins, cyber education specialist at CYBER.ORG, who added that another goal was to increase interest in Grambling State University’s cybersecurity program.

“Project REACH provides high school students with improved access to cybersecurity education, resources to help them improve their cybersecurity skills, and opportunities that will help to connect the dots to pursue cybersecurity careers,” she said. 

A recent study found students in small and high-poverty school districts are significantly less likely to be exposed to cybersecurity education, resulting in lower-income and minority students having significantly fewer pathways to entry into this critical field of study. 

The same study said less than half of all K-12 classrooms across the U.S. offering cybersecurity education. 

The expansion of Project REACH will help increase awareness of and access to cybersecurity education for Black K-12 students, Akins explained, noting that the initiative includes outreach to educate Black communities about what cybersecurity is. 

“The cybersecurity industry has a diversity problem,” she said. “There is an urgent need to fill the pipeline with qualified candidates from all backgrounds. This starts with fostering an interest in cybersecurity in students – starting as early as kindergarten.” 

The success of the effort prompted CYBER.ORG and CISA to announce in September that it is expanding the program nationwide, bringing Project Reach to 10 additional HBCUs, including Claflin University in South Carolina, Langston University in Oklahoma, Stillman College in Alabama, and others.

Laurie Salvail, director of CYBER.ORG, said the pilot program at Grambling State University “proved to be incredibly successful in partnering with local high schools,” and that they were eager to replicate the success at more HBCUs with the help of CISA.

“This collaboration between universities and high schools will be critical to solving the cybersecurity workforce shortage and introducing students to cybersecurity careers at a young age,” Salvail said. 

Several professors at the schools called the program “essential” in their effort to provide underserved students with the kind of cybersecurity education needed for those seeking technological careers. 

“As CYBER.ORG expands Project REACH, we are excited to join the initiative and help students learn how to create lasting careers in cybersecurity,” said Karina Liles, Department of Mathematics and Computer Science Chair and Associate Professor at Claflin University. 

“Our faculty is proud to head up this program at Claflin University, which will be integral to bridging the diversity gap we continue to see in the industry.” 

How the program works

Akins explained that there are two types of students in the program – a K-12 pupil and a college student.

Teachers in K-12 schools that either teach some form of cyber education or lead a cyber club are identified by local school administrators and are given curricula from CYBER.ORG.

Students in the program are given the chance to work with college students and cyber professionals, as well as opportunities for hands-on learning, campus visits to HBCUs and more. 

The teachers who take part will also get professional development resources from CYBER.ORG as well as technology grants allowing them to implement different components of the curricula. 

Cybersecurity-focused students at HBCUs will be identified by professors and will help with mentoring the high school students, leading cybersecurity and computer science activities on campus, and visiting their partner high schools to perform hands-on lessons.

While some of the universities involved do not have specific cybersecurity majors, all have computer science programs that incorporate cybersecurity courses or certificate programs in cybersecurity. 

“The HBCUs enrolled in Project REACH are looking to further develop the cybersecurity offerings at their institution. There are many different ways colleges and universities are offering cybersecurity and each HBCU has a unique approach,” she said. 

Akins said one of the main goals is for students to leave the program with a better understanding of the industry and hopefully an interest in pursuing a cybersecurity career in addition to a broader cybersecurity literacy. 

The HBCU students involved will also get the chance to be mentored themselves by cyber professionals involved in the program. One example is Microsoft’s Technology Education and Literacy in Schools (TEALS) program, which allows classroom teachers to teach computer science with the support of industry volunteers and proven curricula. 

Students will also get the chance to participate in live test attacks using a “cyber range” program provided to schools for free by CYBER.ORG. Participants will also get the chance to complete Linux-based activities as well as learn about cybersecurity issues like credential harvesting, phishing, SQL Injection, request forgeries and more. 

“In some instances, students receive case studies on certain topics where they are able to make the connection between the live test attack activity that they completed and a real-life attack that is similar.”

There are also several cyber challenges, cyber chats, classroom takeovers and more offered through the program. College preparation help, industry networking, soft skills development, workshops, competitions and conferences are all being added to Project Reach through the expansion. 

Akins noted that CYBER.ORG made an effort to develop culturally relevant cybersecurity curriculum and content that resonates with minority students, for example TK.

“This looks like putting twists on CYBER.ORG curriculum and activities on personally identifiable information (PII), so we’ll use TikTok and Instagram to show an example of how someone might expose their information,” she said. 

“As more Black students are exposed to cybersecurity or computer science as a profession and decide to pursue that career, the diversity gap within the industry will shrink. Black cybersecurity professionals will then be able to help their family, friends and neighbors become better equipped to prevent hackers and disinformation campaigns from targeting their communities.”