Cybersecurity Professional Development for Educators

Why Teachers Need Cybersecurity Training

K-12 teachers are on the front lines of cybersecurity — even if they do not realize it. Every teacher in Orange County, Riverside County, and across California uses digital tools daily: learning management systems, student information systems, cloud-based grade books, email, video conferencing platforms, and educational apps. Each of these tools creates potential entry points for cyber threats, and teachers are often the first targets of phishing campaigns, social engineering attacks, and credential theft attempts that target school districts.

According to CISA's report on K-12 cybersecurity threats, over 90% of successful cyberattacks on schools begin with a phishing email sent to staff. When a teacher clicks a malicious link or enters credentials on a fake login page, attackers can gain access to student records, financial systems, and the entire district network. A single compromised account can lead to a ransomware attack that shuts down a district for weeks.

Beyond protecting school systems, teachers play a vital role in shaping the next generation's cybersecurity awareness. Students who learn safe online habits from their teachers carry those practices into adulthood. Educators who understand cybersecurity concepts can integrate digital citizenship and online safety into their existing curriculum, creating a ripple effect that extends far beyond the classroom.

Free Cybersecurity Training Programs for Teachers

Several federally-funded and industry-supported programs provide completely free cybersecurity professional development for K-12 educators. No prior technical experience is required for most of these programs.

CISA NICCS Resources for K-12 Teachers

The National Initiative for Cybersecurity Careers and Studies (NICCS), operated by CISA, maintains a dedicated resource hub for K-12 teachers. This includes tip cards, videos, fact sheets, toolkits, and links to professional development opportunities. CISA regularly hosts free professional development webinars specifically designed for K-12 educators, covering topics such as recognizing phishing, securing classroom technology, and teaching students about online safety.

CISA CETAP (Cybersecurity Education and Training Assistance Program)

The CETAP program partners with schools, school boards, and educational organizations to bring cybersecurity concepts into K-12 classrooms nationwide. CETAP follows a train-the-trainer model, providing:

  • Cybersecurity curricula aligned with national standards
  • Educator professional development workshops and training sessions
  • Classroom technology and teaching resources
  • Ongoing support for implementing cybersecurity education programs

CETAP funding supports Cyber.org (see below), which delivers the actual curricula and training materials at no cost to participating schools and teachers.

Cyber.org (Formerly CYBER.ORG)

Cyber.org is a CISA-funded nonprofit that provides free cybersecurity curriculum and professional development for K-12 educators across the country. Their offerings include:

  • Free K-12 curriculum — Complete lesson plans, activities, and assessments covering cybersecurity, coding fundamentals, networking, robotics, and cyber literacy, all aligned to national and state education standards
  • Virtual professional development — Regular online training sessions that teach educators how to deliver cybersecurity content effectively in their classrooms
  • Cyber Literacy curriculum — Age-appropriate digital citizenship and online safety lessons that any teacher can integrate into existing courses, regardless of subject area
  • Career awareness resources — Materials to help teachers introduce students to cybersecurity career paths

All Cyber.org resources are available at no cost to educators. Teachers in Orange County and Riverside County school districts can register and access these materials immediately.

Teach Cyber

Teach Cyber focuses specifically on preparing high school instructors to deliver cybersecurity curricula. Their programs include:

  • Foundations of Cybersecurity course — A free, online, self-paced course available in partnership with Cisco Networking Academy. The Spring-Summer 2026 cohort is now open for enrollment
  • ARC Webinars — Free monthly webinars for cybersecurity teachers (scheduled sessions include March 12, April 9, and May 7, 2026)
  • National Cybersecurity Teaching Academy (NCTA) — The NCTA 2026 program is the first and only academic program in the United States specifically designed to prepare high school teachers to teach cybersecurity. It provides comprehensive training in cybersecurity content knowledge and pedagogy
  • Professional development workshopsTeacher PD sessions covering curriculum implementation, assessment strategies, and hands-on lab setup

GenCyber Teacher Camps

The GenCyber program, jointly funded by the NSA and NSF, offers free summer camps for K-12 teachers at university campuses across the country. GenCyber teacher camps typically run one to two weeks and provide:

  • Intensive cybersecurity content training for teachers with no prior experience required
  • Hands-on activities and lab exercises that teachers can adapt for their own classrooms
  • Curriculum materials and lesson plans aligned to the GenCyber Cybersecurity First Principles
  • All costs covered, including tuition, materials, and often lodging and meals

Note: GenCyber funding was paused for FY 2025-2026. Watch the GenCyber website for announcements about future funding cycles. When camps resume, Southern California universities typically host sessions that are accessible to teachers from the OC and Riverside regions.

Fortinet Security Awareness Training for Schools

Fortinet offers its Security Awareness and Training Service customized for the education sector at no cost to all K-12 school districts nationwide. This program has the potential to reach over 8 million staff members and 55 million K-12 students. The training covers practical cybersecurity awareness topics relevant to daily school operations, including email security, password hygiene, safe browsing, and recognizing social engineering attempts.

Microsoft Cybersecurity for K-12 Classrooms

Microsoft Learn provides a free, self-paced module on building cybersecurity resilience in K-12 classrooms using Microsoft tools. This module teaches educators how to use Microsoft 365 security features, manage classroom technology safely, and integrate cybersecurity concepts into existing lessons using tools many schools already have access to.

What Teachers Should Know: Core Cybersecurity Topics

Regardless of which training program you choose, every educator should be confident in these fundamental cybersecurity areas:

Personal Cybersecurity Hygiene

  • Password management — Using unique, strong passwords for school accounts (separate from personal accounts) and employing a password manager
  • Multi-factor authentication — Enabling MFA on all school email, LMS, and administrative accounts
  • Phishing recognition — Identifying suspicious emails, especially those that create urgency, request credentials, or contain unexpected attachments or links
  • Device security — Keeping school laptops, tablets, and personal devices used for work updated and protected
  • Safe data handling — Understanding FERPA requirements and how to protect student personally identifiable information (PII) in digital environments

Classroom and Student Safety

  • Digital citizenship — Teaching students responsible online behavior, including privacy, intellectual property, and respectful communication
  • Cyberbullying awareness — Recognizing signs of cyberbullying and knowing school and district reporting procedures
  • Safe use of educational technology — Vetting apps and websites for privacy practices before using them with students
  • Incident reporting — Knowing your district's procedures for reporting suspected security incidents, data breaches, or compromised accounts

Professional Development Hours and Credit

Many of the free cybersecurity training programs listed above provide certificates of completion that may count toward professional development hour requirements for California teaching credential maintenance. Check with your school district's human resources or professional development office to confirm which programs qualify for PD credit in your specific district. The California Commission on Teacher Credentialing (CTC) accepts a wide range of professional development activities, and cybersecurity training increasingly qualifies as relevant technology professional development.

Getting Started: A Plan for Educators in Southern California

  1. Start with awareness — Complete CISA's free online awareness materials at niccs.cisa.gov. These require no technical background and can be completed in a few hours
  2. Register with Cyber.org — Create a free account at cyber.org to access K-12 curriculum resources and sign up for virtual professional development sessions
  3. Enroll in Teach Cyber — If you teach at the high school level, register for the free Foundations of Cybersecurity course through teachcyber.org
  4. Talk to your district — Ask your principal or technology coordinator about adopting Fortinet's free school security awareness training district-wide
  5. Connect with colleagues — Join online communities of cybersecurity educators to share lesson plans, troubleshoot challenges, and stay current on new resources
  6. Watch for GenCyber — When summer camp programs resume, apply early — spots fill quickly and the experience is transformative for teachers new to cybersecurity

Disclaimer: This page is provided for educational and informational purposes only. CyberLearning is not affiliated with CISA, NICCS, Cyber.org, Teach Cyber, Fortinet, Microsoft, or any specific school district or training provider mentioned on this page. Program availability, enrollment periods, and content may change. Always verify current information directly with the program provider. External links are provided as a convenience and do not constitute an endorsement.

Comments are closed.