“Think like an attacker — build like a guardian.”
Levels
2
Middle · Senior
Outcomes
5
Skills children walk away with
Pathways
4
Future careers unlocked
The idea
Every student who uses the internet operates within a threat environment. Cyber security at NASCA builds both the personal resilience to navigate that environment and the professional foundation to build systems that resist attack. Students develop the defender's mindset — understanding how systems fail in order to design systems that do not. The curriculum progresses from digital safety fundamentals and cryptography in Grade 7 through network security, web vulnerabilities and Linux-based tooling in the middle years, to full penetration testing methodology, CTF competition and professional-format security reporting at senior level.
Inside the stream — a story
Children grow up online. Teaching them to think like a defender — and understand how attackers think — is one of the most practical, life-long skills a school can give. It also opens a fast-growing global career path.
We do not lecture. We sit down with each child and a password manager. We turn on two-factor authentication on their real accounts. We role-play phishing emails until they can spot them in their sleep.
Within a week, our students are the safest people in their families online.
Within a week, they're the safest people online in their family.
We walk children through real incidents — what happened, how, and what should have stopped it. They learn that most breaches are not glamorous. They are boring. Tiny mistakes, repeated, at scale.
It is a powerful inoculation against complacency.
Children build a tiny encryption tool from scratch — and then watch us crack it on stage. The lesson lands instantly: cryptography is hard, libraries exist, and humility is a security feature.
From then on, they reach for proven tools instead of clever tricks.
We open Wireshark in a sandboxed lab. Children watch packets fly past and slowly learn to spot the ones that don't belong. They run a tabletop incident — playing attacker, defender, communicator and PR all at once.
It is the most fun our students have all year. It is also the most serious.
Older students design and run a CTF for the whole school. There are tracks for web, crypto and forensics. Younger students compete in mentored teams. The winners get medals. Everyone learns.
We have watched a generation of cybersecurity professionals begin in this very tournament.
We have watched a generation of professionals begin in this tournament.
A scene from a real classroom
A 13-year-old gently helps his grandmother set up two-factor authentication on her bank login over a Sunday afternoon. He does not patronise. He does not rush. He explains. She has never been safer.
Cybersecurity, taught well, makes children calmer online — and makes the rest of us safer too. It may be the most practical course your child will take.
— End of story · Read on for the curriculum
The journey
Master passwords, 2FA and the basics that stop 90% of attacks.
Learn how attackers think — safely, in a sandbox.
Detect and block what you’ve learned to attack.
Run a school-wide CTF as the final showcase.
Signature project
An end-of-term capture-the-flag tournament — students hunt flags across web, crypto and forensic challenges.
Why it matters
Children grow up online. Teaching them to think like a defender — and understand how attackers think — is one of the most practical, life-long skills a school can give. It also opens a fast-growing global career path.
A typical session
The curriculum
Six modules across an academic year. Every module is hands-on, project-led and ends with something children have built and can show.
Showcase moments
A school-wide drive where students help families secure their accounts.
A simulated breach where students play attacker, defender and responder.
The flagship inter-class capture-the-flag tournament.
For parents
Within weeks your child will be teaching the family about 2FA, password hygiene and phishing. The household gets safer — that alone is worth it.
For teachers & schools
All offensive content runs in a vetted sandbox; nothing targets real systems. Comes with a safety policy template for schools.
What children build
Tools & tech
Levels offered
Outcomes
Threat modelling
Cryptographic basics
Network awareness
Safe-online habits
Defender mindset
Questions parents ask
The honest answers to the questions families ask us most.
Only in legal, sandboxed environments — to learn defence. We make the ethics explicit from day one.
Yes. All exercises happen in isolated environments approved by school IT.
Cybersecurity is one of the fastest-growing global careers, with severe talent shortages.
Personal hygiene from Middle School; offensive/defensive labs from Senior onwards.
