Re: [ISN] Clarke warns educators about need for better security

From: InfoSec News (isnat_private)
Date: Thu Jun 06 2002 - 20:13:16 PDT

Next message: InfoSec News: "[ISN] Hacking puts 4,500 students grades in doubt at Western High"

Previous message: InfoSec News: "Re: [ISN] Ultimate Computer Security Devices"
Maybe in reply to: InfoSec News: "[ISN] Clarke warns educators about need for better security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: dont <dontat_private>

> "In three to four years, we will have a billion IP addresses," he
> said. "Do we still want to use TCI/IP? Do we still want the same
> domain naming system? Do we still want the same wireless security
> we're using today?"

Well, back when this was first done, it was actually pretty
well-funded. Research funding nowadays seems primarily tied to
products, not growth of the field.  In terms of actual knowledge of
computer security issues, we have grown little.  Not only do we fail
repeatedly to put into practice "lessons learned", but we still do not
have a good grasp of what the true defining questions are for us to
research.  No one can concur on the problem space definition, and,
worse still, the problem space changes rapidly over time.

Give academia money for basic research, and not tied to development,
and maybe we will get surprised.

> "Schools are pumping out too many students who approach security
> mechanically from an engineering perspective," said Nimal Jayaratna,

really?  where?  pumping out "too many"?  I would love to see data on
this... however, asking people to validate their claims is something
we don't do anymore.

> Some educators, such as Alexander Korzyk, assistant professor at the
> college of business and economics at the University of Idaho in
> Moscow, Idaho, questioned whether information security should remain
> in the computer science discipline at all, or be moved to areas of
> study more reflective of business risk issues.

I can go along with the cross-disciplined idea, but I am fairly
uncomfortable (ok, maybe incredibly scared) with MIS people taking
over the research in this field.

Yes, businesses should be aware of it, but honestly, I would rather
try to teach comp sci folks about business analysis than the opposite.

dont


==========================================================================
If you must choose between 2 evils, pick the one you've never tried before
==========================================================================



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Hacking puts 4,500 students grades in doubt at Western High"
Previous message: InfoSec News: "Re: [ISN] Ultimate Computer Security Devices"
Maybe in reply to: InfoSec News: "[ISN] Clarke warns educators about need for better security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 06 2002 - 23:03:12 PDT