How to get better security people

• Previous message (by thread): How to get better security people
• Next message (by thread): PacBell Security/Abuse Contact
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>A basic security mindset is a combination of paranoia, a talent for
>contingency planning, and an understanding of business need.

My suggestion was to include a couple of courses in the curriculum.

  1. Engineering Ethics
       How to play fair
       Right and wrong, dealing with conflicting responsibilities
  2. Engineering Paranoia
       The world doesn't play fair
       Bad data, safety factors and progressive collapse

I'm not sure you can really teach someone the right combination
of ethics and paranoia to be successfull.  I can teach anyone the
technical stuff, or give them a really thick book.  But best
practices aren't a substitute for understanding the business and
sound judgement.

• Previous message (by thread): How to get better security people
• Next message (by thread): PacBell Security/Abuse Contact
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]