> MDWtheTall (Viewer II) posted a new topic in Career on 10-12-2018 11:30 AM in

LOVE the choice of screen name ....

(Is that another "short" joke? 🙂

>   I am the director of the
> CyberSecurity program at the Sage Colleges in Albany, NY, and am looking for new
> and interesting ways of stimulating student interest in the profession.

Ha! Any student who does not realize that infosec is *the* most interesting field
in technology does not deserve to be here!

(Well, OK, I guess that still leaves the problem of convincing people who aren't in
the field to look inot it ...)

> The Sage
> program takes a "non-academic" view of the field, and at the higher levels
> (300-400) that seems successful.

I'm not sure how you're doing "non-academic" work at the higher levels ...

>  The lower levels seem ot need a lot more
> structure.

Well, yeah, if they are new, you need to manage content to ensure they don't dive
down rabbit holes before they see the whole field, but ...

======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
http://www.infosecbc.org/links http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

Michael @MDWtheTall ,

If by "non-academic" you mean hands-on straight tech skills, a la IT tech schools, I think such courses definitely are appropriate. Infosec folks need to know those skills to know how they are abused by the bad guys. 

 

Note that many of the master's degree programs in our field lean heavily on such courses, because many degreed professionals are using teh grad degree to shift careers into infosec.

 

Side question: are you using any particular framework to guide the overall curriculum, e.g. CBK, COBIT, ISO 27000 Series, NICE, CSF, RMF, etc?

 

Love to learn more about your program.

 

 

There is a saying, "You can lead a horse to water but you can't make him drink."

How do we make the horses more thirsty so they will want to indulge in this water of InfoSec that we clearly love to drink? This is a difficult challenge to undertake but it is not impossible.

 

The key is to make it attractive, see who shows interest and then develop them through mentoring. One of the tactics I use is to either show them a hacking demonstration or do a quick dive into a social media check up on themselves. If the response from the participants is "Cool, but meh!" move on to the next group to find your young grasshopper. If one person shows interest, then steer them to other opportunities.

We recently hired 2 college interns. I based my opinions on them from my interactions during the hiring phase. I thought we had hired 2 people who would blossom into InfoSec professionals. One turned out to be totally different and sadly, like that social media video going around about the young millennial girl doing a job interview, it seemed like this job was interfering with his life style. Constantly wanting to adjust his hours, wanting to reduce the hours but then complain he wasn't getting enough hours (keep in mind this was a paid internship). Wouldn't show up to meetings or return phone calls. Sad. We let him go after a couple of months.  So we whiffed on one candidate but the other is going strong.

 

We will keep trying. Maybe there aren't enough Infosec "nerds" to keep the profession growing....

And in this instance I use the word nerd to mean someone who is intensely interested in, and extremely excited about a specific area of study.