Security is hard but security education may be harder. Few academic institutions have the skills or resources to dedicate solely to security education. Rather, most security programs in higher education have grown out of or have been welded on to other technology programs. The resulting fractured educational ecosystem has created a disparity in the skill sets of graduating students and has it challenging to develop standards to ensure consistency across educational programs. This talk will take a look at how security curricula have traditionally been developed and continued to be shaped by a variety of forces. We will examine some of the proposed solutions for accreditation and analyze their strengths and weaknesses. Subsequently we will try to determine which type of student each model designed to produce and provide our own recommendations about how to standardize security education.

Robert Olson is currently a lecturer at the Rochester Institute of Technology, where he teaches courses in programming, mobile security, and web application security. In a prior life, he developed courses in the fundamentals of information security, penetration testing, and exploit development as a lecturer at the State University of New York at Fredonia. He holds a Masters of Science in Interdisciplinary Studies (Cognitive Science), a Masters of Science in Management Information Systems, along with some industry certifications (CEH, CISSP, OSCP). When not doing cybery things, he enjoys studying machine learning, catching Pokemon, and bumming around Twitter (@nerdprof).

Back to Bsides Cleveland 2017 video list