WASHINGTON (07/27/2000) - The information technology industry has become saturated with 20-something whiz kids who lack adequate training, education and professional discipline, creating a significant knowledge deficit when it comes to information security, a panel of top educators warned.
"We're in a real crisis in higher education," said John Knight, a computer science professor at the University of Virginia. Graduate programs in computer science and information security "are being decimated" by an IT industry that is filling the growing worker shortage with college kids who have not completed their degrees, he said.
Knight and three other educators from top computer science college programs delivered their warnings July 24 to industry and government officials at the Cyber Security Planning Summit, held in Pittsburgh and sponsored by Carnegie Mellon University's Institute for Survivable Systems.
The lack of education and experience among many of industry's software and security technicians is particularly troublesome given the complexities of modern computer system architectures, according to Knight. "It is essential that we regain intellectual control," he said.
Changes under way throughout higher education will challenge traditional notions of education, said computer science professor Charles Reynolds of James Madison University. These changes also may offer some answers to the personnel problems facing industry and government.
"The traditional model of education is that education is not training," Reynolds said. However, this perspective is changing to a model based on "education that is lifelong training," he said. The integration of work and learning will characterize higher education in 2010 to 2020, he said, adding that it will shift from being a teacher-centric experience to a student-centric experience with the help of distance-learning technology.
Peter Freeman, dean of the College of Computing at the Georgia Institute of Technology, said students who take jobs before they graduate from college will in a few years lack the basic skills to continue their education and take a long-term view of security research and development. "Information security is not just a technical problem," he said.
Panel members agreed that a partnership of industry, academia and government is urgently needed to change the way people think about information security. "The problem we face is broader and deeper than the Internet and broader and deeper than security," Knight said.