[ISN] IT students not being educated on security

From: InfoSec News (alerts@private)
Date: Tue May 13 2008 - 01:25:39 PDT


http://www.computing.co.uk/computing/news/2216373/students-educated-security

By Tom Young
Computing
12 May 2008

IT students are not being educated on how to "bake in" security when 
designing and developing new software applications, according to 
research.

The study for the Cyber Security Knowledge Transfer Network (KTN) found 
that just one in five UK computing undergraduates get no more than five 
hours education on software security - and many get none at all.

Insecure software applications have a knock-on effect on end users by 
making their systems vulnerable, according to Bill Whyte, who carried 
out the research.

"Today's computing market is a complex value chain of software 
activities and is as vulnerable as its weakest link," he said.

Despite the current political clamour on the importance of information 
security, this key issue is not being addressed, said Nigel Jones, head 
of the KTN.

"The bottom line is that if we want to solve the problems we need to 
start by fixing the root cause," he said.

A recent BERR and PricewaterhouseCoopers report on UK information 
security breaches did not contain a single reference to secure software 
development.


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Tue May 13 2008 - 01:30:58 PDT