UK computing graduates lack security skills

 

Gallery

By Asavin Wattanajantra

Posted on 12 May 2008 at 15:48

The vast majority of UK computing students receive virtually no security training when it comes to developing new software applications, according to government funded research.

The research, conducted by the Cyber Security Knowledge Transfer Network, found that less than 20% of computing undergraduates in the UK receive more than five hours training in security functionality during the three to four years of their course.

"Today's computing market is a complex chain of software activities and is vulnerable as its weakest link," claims Bill Whyte, an independent IT security consultant who conducted the research. "The study is clear - security issues stem from the beginning of the chain."

"We need to get a greater percentage of security-literate graduates out there or the number of otherwise-avoidable financial losses will grow."

The KTN claims the study shows software development does not feature strongly enough on the UK's list of IT security priorities.

"The cost associated with security breaches and investment in information security could both be mitigated if software was developed with fewer security flaws and vulnerabilities," says KTN director Nigel Jones.

"The bottom line is that if we want to solve the problems we need to start by fixing the route cause. The greatest problem we have is that awareness of this fix is very limited."