Partager via


Security Education - Yay, again!

Interesting read based on my last little rant about the lack of security (as-in-threats) education in school.

Software firms fault colleges' security education
https://news.com.com/Software+firms+fault+colleges+security+education/2100-1002_3-5579014.html?tag=nl

I don't want to make one point clear, education also belongs in industry, but we need more in school.

Comments

  • Anonymous
    February 17, 2005
    This is exactly what I'm doing. I've presented a six day course to a bank's developers last year, and I'm working up a new improved three day course for my current employer now.

    Hopefully, this can be followed up with some mentoring and turning a few developers into security "champions", who along with decent peer review processes, start to make an impact on the quality of code.

    In your next edition of Writing Secure Code, I'd really like to collaborate with you on getting the "Performing a Security Code Review" chapter up to scratch. The current one is a little light on for content, particularly when compared to the other chapters, and yet it's one of the most important pieces of the puzzle for places that have never done them before.

    Andrew van der Stock
    Technical editor of the OWASP Guide 2.0
  • Anonymous
    February 17, 2005
    Good Stuff - but we really need to improve the quality of engineers coming out of school - the education is simply not there :(

    It's not like it's important, or anything!