U.S. Needs More Cyber Security Training and Education

Richard Marshall, director of global cyber-security management at the Department of Homeland Security made some interesting comments yesterday at the FOSE government IT show in Washington, DC. FOSE is a conference focused on cyber-security issues facing the public sector and what it means for protection against threats, cloud computing and new open government directives.

Here's a few quotes Marshall made at the conference taken from a post over at esecurityplanet.com

Working in concert with the government, the private sector has made significant strides in improving software security and ferreting out vulnerabilities in the supply chain, but the flow of cyber-security experts graduating from the nation's universities with advanced degrees remains anemic.

One of the most important steps policymakers can take is to nourish the education and training of a new crop of security expert.

No matter how successful we are in those two elements, we are going to fail if we don't invest more money, time, attention and rewards to educate the workforce. That's our legacy-to-be.

"The IT industry provides a one trillion -- with a 'T' -- dollar contribution to the U.S. gross domestic product. If you're looking for a metric for cyber-security, money is a good metric.

And my favorite quote from the piece which I'll probably catch some flack for posting:

Look at all the great football and basketball programs. They're all on scholarships. They're not playing for fun -- they're playing for money. We need to do the same thing with our computer science students.

Nicely said.