Re: [fw-wiz] "INFOSec Education Research Question"...

From: Paul D. Robertson (
Date: 11/08/04

  • Next message: David Lang: "RE: [fw-wiz] Re: Ethics, morality and the industry"
    To: Philip Holt <>
    Date: Sun, 7 Nov 2004 19:51:16 -0500 (EST)

    On Fri, 5 Nov 2004, Philip Holt wrote:

    > Hello everyone.
    > RQ:
    > "What do BH Hackers, WH Hackers, GH Hackers have to offer interdisciplinary
    > INFOSec education?"

    I think one of the problems we have is that people think there's some
    special things that what side of the moral/ethical fences you sit on gives
    you. There isn't.

    > Interdisciplinary IFOSec Education:

    0. Computers. No, really. Not "point and click," but _how_they_work.
    0.a. Operating Systems. Ditto.
    0.b. Filesystems. Ditto.
    0.c. Programming. In a real language.
    0.d. Security.
    0.e. Logic.
    0.f. Networking.
    0.g. Risk management.
    0.h. Technical writing.
    > 1) Sociology (social engineering / social psychology)

    I'd add psych to soc.

    > 2) Ethics [theology]

    I'd remove theology.

    > 3) Criminal Justice: Profiling, Target Hardening, Defensible Space Design,
    > Crowe-Zahn Mixing Techniques (safe activities in unsafe environments & unsafe
    > activities in safe environments)
    > 4) Digtial Forensics
    > 5) Digital Litigation

    I wouldn't add any of these unless the person really needed them; They're
    specialist areas- the basic groundings should be covered above, and these
    change enough that it's not good to be less than current.

    > 6) E-commerce / Database Security / Risk Mitigation & Litigation

    I'd remove litigation and give the first two their own lines.

    > 7) ** "Other" areas as you see as being important... **

    Fundamentals. Logic and the ability to research and learn from the past.
    Perhaps a little military history, maybe a little formal systems design,
    modeling and definitely some information theory.

    Again though, hats are really about ethics, and about the only thing you
    can hope to learn from that is good or bad behavior.

    Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact."
    firewall-wizards mailing list

  • Next message: David Lang: "RE: [fw-wiz] Re: Ethics, morality and the industry"