North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How to get better security people

  • From: Sean Donelan
  • Date: Sat Mar 30 01:08:11 2002

>A basic security mindset is a combination of paranoia, a talent for
>contingency planning, and an understanding of business need.

My suggestion was to include a couple of courses in the curriculum.

  1. Engineering Ethics
       How to play fair
       Right and wrong, dealing with conflicting responsibilities
  2. Engineering Paranoia
       The world doesn't play fair
       Bad data, safety factors and progressive collapse

I'm not sure you can really teach someone the right combination
of ethics and paranoia to be successfull.  I can teach anyone the
technical stuff, or give them a really thick book.  But best
practices aren't a substitute for understanding the business and
sound judgement.