Access your Pro+ Content below.
Why information security education isn’t making the grade
This article is part of the April 2013 / Volume 15 / No. 3 issue of Information Security magazine
At least we’re consistent. When it comes to information security in industry or education, we are not taking a holistic approach. Information security is a bolt-on feature. (See our recent column, “The bolt-on information security trend needs to end.” Business executives on down to the IT staff continue to treat security as a separate issue, handled by IT specialists. Rarely do software or system engineers approach the design of a product with the intent to include security from the start. It is no different in security education: we don’t educate our computer engineers and computer scientists to take a holistic approach to security. We teach information security in a separate class or, if students are lucky, classes; and these courses are usually electives. Is it any wonder when these individuals leave our hallowed halls to enter the workforce, they treat information security in the same vein? Why do we do such a poor job in information security education? It is the approach we take to teaching computer engineering, software ...
Features in this issue
Are you losing control of access management as SaaS and mobile devices take hold? To achieve better operational consistency and scale, consider a centralized IAM system.
The infections and cyberattacks that botnets are used to launch remain hard-to-detect malware threats that have moved beyond PCs to mobile devices.
Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do.
Columns in this issue
This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go.
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.
Security experts explain why a holistic approach to security is critical to training computer engineers and computer scientists for a career in information security.
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection.