Security Education - Yay, again!
Interesting read based on my last little rant about the lack of security (as-in-threats) education in school.
Software firms fault colleges' security education
https://news.com.com/Software+firms+fault+colleges+security+education/2100-1002_3-5579014.html?tag=nl
I don't want to make one point clear, education also belongs in industry, but we need more in school.
Comments
- Anonymous
February 17, 2005
This is exactly what I'm doing. I've presented a six day course to a bank's developers last year, and I'm working up a new improved three day course for my current employer now.
Hopefully, this can be followed up with some mentoring and turning a few developers into security "champions", who along with decent peer review processes, start to make an impact on the quality of code.
In your next edition of Writing Secure Code, I'd really like to collaborate with you on getting the "Performing a Security Code Review" chapter up to scratch. The current one is a little light on for content, particularly when compared to the other chapters, and yet it's one of the most important pieces of the puzzle for places that have never done them before.
Andrew van der Stock
Technical editor of the OWASP Guide 2.0 - Anonymous
February 17, 2005
Good Stuff - but we really need to improve the quality of engineers coming out of school - the education is simply not there :(
It's not like it's important, or anything!