erm.. some securtiy certificate provided by some Uni or training center are actually useless! like Security+, Certified Ethical Hacker, even CISSP that conduct by some unresponsible training center~!! those trainer or lecturer are actually being trained to conduct class only~! some even have no real industrial working experience, not to mention experience in hacking or couter measure~!! what the trainer do is conduct the class through powerpoint slide, and just keep trying all the tools~!! Example in CEH course, they give u a CD with more than 300 tools (mostly trail version) and keep testing on those tools. If 1 didnt work then immediate jump to other tools.... lastly all can't use (maybe is the lack of skill to used~!) , they will said, the import is let u know the concept~! aiks~~! >_<
That's not true of all courses and classes (and I say this as an educator). I'd say that's a generalization and honestly, if people who are paying for university, corporate courses or whatever educational method they are taking, aren't investigating what they will get out of it .. well.. you get what you pay for. Courses like those at SANS that cover specific areas are probably in-depth. But not everyone needs to take them. Some university courses can be worthwhile, sometimes in ways you don't expect. Now, if you take a Bachelor's Degree in Comp Sci, of course they won't teach security. The reality is there is only so much you can put into a degree program before you truly overwhelm students (and in today's education where students have 2-3 jobs on the side to pay for the stuff loans don't, it can be overwhelming -- at least in Canada)

Now, the CEH as a certification has been under fire and is a questionable certification to begin with. The CISSP and SANS certs, IMHO, are worth their paper. CISSP is for a more managerial, "how does this affect the bottom line" view point while the SANS deals with the hands-on, "how do I stop it from affecting the bottom line". Granted it does depend on what the teaching center is like (although I believe you have to be certified and approved by SANS to teach their courses, not sure about CISSP) but that just gets back to the amount of research you do into the course and find out how in-depth it really is.

What about schools? Most school districts are on the internet, yet I know that even their repair people do not know about security. I know a few of them and when you talk about trojans or viruses, they give you the look of: "What the heck are you talking about?"
Depends on the school and district. Also, keep in mind many school boards (I'm going to assume this is pre-University/college) have extremely limited budgets. The idea is good but the reality of when this would be taught ... that's hard. Educators are stretched to the limit. Certainly having someone with expertise go in and teach would be good except for one thing: it's one thing to have knowledge, it's another to be able to pass that on well enough to others so they understand. (Worst example of a teacher I saw: when asked why ACLs were put on one side of a router versus the other he replied indignantly, "Because that's what the book says!").

Certainly the idea is good and will probably help some. Will it be our saviour against "stupid users"? I doubt it. There are always those that believe there is nothing to steal on their computers, that they are safe because they don't piss anyone off, that they do not know enough and don't want anyone else to know they are clueless, etc. If a school board is willing to have a guest speaker come in, that might be one way to go (it'd have to be freebie). If a fee is charged, on a per person basis it'd have to be small. Maybe a tie-in with a bookstore that highlights some of the security books and a nominal fee. The other thing is to use something like articles for major newspapers (get the word out as it were) and drum up business that way.

Some random thoughts at an early hour..