The State of Security Education

Eugene Spafford Assesses Strengths, Weaknesses of Academic Programs, Partnerships
The State of Security Education
What is the state of information assurance education as the 2009-2010 school year draws to a close? Disappointing, says Prof. Eugene Spafford.

Executive director of the Purdue University Center for Education and Research in Information Assurance and Security, Spafford says we have made very little progress in improving how we prepare students for information security careers.

"Most of the traditional education arenas do not have access to typical commercial products that are in use, so our students seldom get the opportunity to learn and use real equipment," he says in an exclusive interview with Tom Field, editorial director for Information Security Management Group. "The enterprise is still lacking in enough good materials in terms of teaching, education and standardization."

What discourages Spafford most is that there is a small number of students getting into this field vs. the greater need for qualified professionals. "In sum, we are not providing enough education to the right people and not getting enough people who are getting an in-depth education in this arena."

As part of a complete information assurance education, Spafford says, students must have a background in computing and supporting areas of logic; they have to read and write well; be aware of context; and have a broader understanding of security.

On the flip side, Spafford is encouraged by the renewed focus on issues pertaining to cybersecurity, as well as the growing awareness from government and industry that education in this area is needed.

For more of Spafford's assessment of the state of information assurance education, listen to the full interview.

About the Author

Upasana Gupta

Upasana Gupta

Contributing Editor, CareersInfoSecurity

Upasana Gupta oversees CareersInfoSecurity and shepherds career and leadership coverage for all Information Security Media Group's media properties. She regularly writes on career topics and speaks to senior executives on a wide-range of subjects, including security leadership, privacy, risk management, application security and fraud. She also helps produce podcasts and is instrumental in the global expansion of ISMG websites by recruiting international information security and risk experts to contribute content, including blogs. Upasana previously served as a resource manager focusing on hiring, recruiting and human resources at Icons Inc., an IT security advisory firm affiliated with ISMG. She holds an MBA in human resources from Maharishi University of Management, Fairfield, Iowa.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.