Hacker High School: Our Next Generation of Security Professionals

Teenagers don’t learn cybersecurity by being scared. They learn by getting their hands dirty and hacking.

“You’re a criminal” was often the accusation of much of the government-sponsored teenage-based security training. In the early 2000s, the days of Napster, most people just assumed teenagers were illegally downloading music. The only way to thwart that behavior was to chronically scold teenagers for their behavior.

But that’s not the way teenagers learn, realized Pete Herzog, Managing Director of ISECOM, who helped initiate a cybersecurity and safety training effort called Hacker High School back in 2003.

“Talk to them about it and not just tell them, ‘Don’t do this. Don’t do that,’ but actually tell them about consequences, what happens to other people, empathy. Those are the two biggest ways you can interact with them and they will remember it. They will learn it,” said Herzog in our conversation at the Cybersafety Village at the 2017 RSA Conference in San Francisco.

Herzog has leaned on his daughters, Ayla and Jace, to be guinea pigs for his youth-based hacker education. He had them (educationally) picking locks and soldering when they were six-years-olds.

Jace has enjoyed the education and taught her friends to be wary of what they post online.

Like kids learn how to use tools on the Internet, they can also learn hacking, said Herzog, who designed the books for students to learn on their own. He recommends that parents bring the education of Hacker High School to their local schools.