Communications of the ACM
It Security Education Continues to Evolve
IT security and cyberforensics are two areas with a critical need for more workers, writes Purdue University professor Eugene Spafford, chair of ACM's US Public Policy Committee. Spafford says that computer science education has evolved from teaching the fundamentals for construction and systems in favor of a focus on all the places where computing can make a difference. Before, computer science focused more on program solutions around individual host computers and only some distributed computation, but now the focus is on higher-level concepts in languages, graphics, and network computation. Spafford says the security implications of this shift, and the shift in the industry toward cloud computing and large-scale networks, is largely unknown. Information security is generally not in the regular IT curriculum, and a reasonable core curriculum for information security has not yet been determined. Some schools, including Purdue, offer courses in secure programming as electives. Many programming flaws are actually taught against in almost every curriculum, Spafford says, but problems arise because either students do not pay attention, are pressed for time, switch languages, or end up working in environments where productivity is stressed over quality.
No entries found