http://www.twincities.com/mld/pioneerpress/13604543.htm BY LESLIE BROOKS SUZUKAMO Pioneer Press Jan. 12, 2006 When 23-year-old David Luttrell gets his master's degree in information technology a couple years from now, he doesn't want to work with computers - he wants to work with the people who work with computers. "Ideally, it'll be something where I'm managing a (computer) security department or regular IT department," the Metropolitan State University student from Rush City said. "I don't want to be the guy rolling up his sleeves and up to my elbows in wires." Luttrell is not your classic geek. He has a bachelor's degree in business and discovered his affinity for computers after the trucking company where he works introduced automation not long ago. He's now interning part-time at the state Department of Revenue's security-conscious technology unit. If the state of Minnesota has its way, Luttrell and others like him may become the new face of computer security. The state has seeded a new program at the Twin Cities' Metro State to create advanced courses and curriculum in computer security. It wants to bridge the chasm between the basement server room where a company's IT workers toil and the corner suites where the executives hang out. In a world where new computer vulnerabilities are discovered weekly, the need for more technology bodyguards is no longer questioned. By 2008, the research firm IDC believes more than 800,000 new security professionals will join the 1.3 million already employed. But the real problem in security isn't finding technicians who know how to cobble together a decent firewall, according to St. Paul computer consultant Mike O'Connor. It is finding managers who can write sound security practices and help executives use technology to comply with new financial reporting and privacy laws like Sarbanes- Oxley. "It's the business stuff they need to know. Those folks are really scarce," O'Connor said. So this fall, the state awarded a $4.8 million "center of excellence" grant to Metro State to create both undergraduate and graduate programs in computer security. The state's vision is to build a center that would train a cadre of future information security managers and executives who would be closely tied to Minnesota businesses. Metro State officials have classes approved by the National Security Agency for its still-developing Center for Strategic Information Systems and Security. Classes began in September but the center doesn't expect to hire a director until February. Those courses will lead to four-year bachelor of applied science degrees in computer security or computer forensics, said Steve Creason, associate professor in the university's College of Management and one of the architects of the program. The two-year master's program in which Luttrell is enrolled combines both business and technical training. A Ph.D. program could be down the road too, Creason said. The state hopes the center could crank out not just new workers or research but maybe even spawn a mini-industry devoted to computer security and the burgeoning area of Internet telephony. Other states have the same idea, though, and this could provide some competition for the Minnesota program. Iowa State University in Ames has an advanced computing center to help develop the next generation of data security. Dakota State University in Madison, S.D., offers bachelor and master's degree programs in "information assurance" also certified by the NSA. All of these programs are so new that it's hard to assess them. It's probably safe to say, however, that the most rigorous of the new programs, announced in December, is offered by the SANS Institute in Bethesda, Md. SANS is renowned as one of the world's largest sources of information security training and certification and as the operator of the Internet Storm Center, an early warning system for viruses and worms. The Maryland Higher Education Commission has approved separate master's degree programs in security engineering and management at SANS, designed for people from around the country who have been picked to assume leadership roles by their companies, said Alan Paller, SANS director of research. "American corporations are being riddled by (computer) attacks - they are being defended very badly," Paller said. To develop its four-year program, Metro State partnered with existing two-year programs at Inver Hills Community College in Inver Grove Heights and Minneapolis Community and Technical College. The three schools are cooperating to allow graduates from the more technically oriented two-year programs at the colleges to transfer seamlessly to Metro State and finish up in only two more years. Focusing on a niche like computer security and Internet telecommunications allows universities like Metro State "to get away from being plain vanilla schools," said David Anderson, dean of the center for professional development and work force development at Inver Hills Community College. The program also could raise Minnesota's profile by letting its students test ideas in real workplaces, turning the program into a security "proving ground," added Ken Niemi, vice chancellor for information technology at the Minnesota State Colleges and Universities, which oversees Metro State. -=- Leslie Brooks Suzukamo covers telecommunications and technology and can be reached at lsuzukamo at pioneerpress.com or 651-228-5475. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Fri Jan 13 2006 - 02:41:08 PST