Student Inquiry, Infosec Education

Printable View

August 16th, 2004, 04:09 PM
liquidmatrix

Student Inquiry, Infosec Education

I am interested in everyones thoughts on InfoSec Education.

What is the biggest problem within Information Security education?

What is your opinion on the best method to stay atop of this dynamic industry (e.g. formalized education within academia, certifications, training, etc)?

What skills are InfoSec professionals lacking and your thoughts on addressing this issue?

What are some of the strengths of your InfoSec professionals?

What other problems are you currently running into with InfoSec professionals (e.g. shortage of skilled individuals, scope of expertise, cost of skilled individuals, training, staying atop dynamic industry)?

What methods are you using to increase InfoSec awareness within your organization?

Thanks.
August 16th, 2004, 04:20 PM
SirDice

Re: Student Inquiry, Infosec Education

Quote:

Originally posted here by liquidmatrix
What is the biggest problem within Information Security education?

The lack of good quality courses.

Quote:

What is your opinion on the best method to stay atop of this dynamic industry (e.g. formalized education within academia, certifications, training, etc)?

Keeping an eye on sites like this ;) Seriously, the Internet would be the best place.

Quote:

What skills are InfoSec professionals lacking and your thoughts on addressing this issue?

Mostly people skills, I sure am lacking in that depardment.

Quote:

What are some of the strengths of your InfoSec professionals?

They're great at solving problems or finding problems noone else thought of.

Quote:

What other problems are you currently running into with InfoSec professionals (e.g. shortage of skilled individuals, scope of expertise, cost of skilled individuals, training, staying atop dynamic industry)?

Basicly all of the above, some more than others....

Quote:

What methods are you using to increase InfoSec awareness within your organization?

If "they" (the lusers) do something I don't like I'll introduce them to my lart.

Note: Don't take this too seriously, it's been a tough day :D
August 17th, 2004, 12:30 AM
kurt_der_koenig

Th main problem is that some can be hoaxes! A while back I checked up on one online and got my email bombed with porn-----a consequence,I think not! Unless of course your going to a college or an university than surely that would be other wise.
August 17th, 2004, 01:35 AM
alphabetarian

Re: Student Inquiry, Infosec Education

Quote:

Originally posted here by liquidmatrix

What is the biggest problem within Information Security education?

I am currently a graduate student at of the many schools schools that is currently endorsed by the NSA as being a "Center of Excellence" for Information Assurance (Security) education. I am also persuing a concentration in IA. The biggest problem/complaint I have regarding my school is the lack of real-world experience that the professors (within my department at least) have. I've been in the program a year now, taken a course with each of the two "security" professors, and, as far as I know, neither one of them has done anything in the real world (aside from consulting) involving security. Both taught straight out of books, and shared very little personal experience. In the entire university I am at, I only know of one professor that has any real world, relavant work experience in the INFOSEC field.

With that in mind, I have two pieces of advice for you:

1. Look for a school who's professors have actually worked in INFOSEC outside of a university.
2. Look for a program that offer's hands-on experience in the classroom. This is my second biggest gripe. Anybody can talk about security. To this point, that's all I've done in classes. Employers, I feel, want people that can sit down and do security.

Quote:

What is your opinion on the best method to stay atop of this dynamic industry (e.g. formalized education within academia, certifications, training, etc)?

e) All of the above. Don't be afraid to read, research, do, or otherwise learn on your own though. You'll probably have to wait on certs until you get out of school because a) they're expensive as hell to obtain and b) some require years of work experience before you can even sit for them...namely, the CISSP

Quote:

What methods are you using to increase InfoSec awareness within your organization?

Right now, where I work, we have a site on the corporate Intranet with security information for the masses. Unfortunately, it's outdated, lacking in information it does have, and poorly organized. Do the opposite of the above, keep it as simple as possible, and advertise it with in the company, and you should be good...or as good as you an be rather.

PS: The ones I didn't respond to are because I'm only an Intern at the moment with no real experience to answer the questions.

Hope this helps,

alpha
August 17th, 2004, 07:39 PM
Simple Simon

Am I loosing my mind?....

I'm sure there are some missing posts on this thread. I seem to remember commenting on a comprehensive reply to the original poster.

If i'm right is was pooh sun tzu.

What happened?