Hacker News new | ask | show | jobs
by sirsinsalot 1339 days ago
Another data point, I was reading just yesterday on a HN post about fake qualifications about many male director level people without proper education.

They were criticised too.

I guess we all see the world as we wish.
1 comments
prvit 1339 days ago
We're specifically talking about a field where even a decade ago "proper education" was only offered by a couple of schools in the world.

Compsci is not an infosec-related degree.

link
thwayunion 1339 days ago
> Compsci is not an infosec-related degree.

The vast majority of the people who invented, built, and maintain all the systems infosec people are deploying had CS or CE degrees. A good CS degree provides an excellent foundation for infosec careers. In fact, at many institutions, the infosec major is very similar to the CS major.

It's not everything you need, which is why a CISO should minimally also spend some time as an individual contributor in an infosec or closely adjacent group.

You're moving the goalposts because your position that CISOs need no education whatsoever in the work they are leading is prime facie absurd.

link
Kon-Peki 1339 days ago
25 years ago I asked Gene Spafford why the advanced degree program was being run out of the philosophy department instead of the computer science department, and he replied that it made no sense to be part of the CS department.

That's not to say that a CS graduate is or isn't the ideal candidate for the program (I think he felt that they were). But securing systems and organizations is primarily not a technical problem. You should understand that and understand the reasons why.

link
thwayunion 1337 days ago
I'm going to go out on a limb and assert that there are no Information Security departments run by Music departments.
link
prvit 1339 days ago
>In fact, at many institutions, the infosec major is very similar to the CS major.

Sure, but the best security programs don't even exist in the same department as CS.

At CMU Information Security is run by the College of Engineering, not by the CS department.

At NYU Cybersecurity is run by Tandon school of Engineering, not by the CS department.

At RIT Computing Security is run by ... the Department of Computing Security.

At JHU Cybersecurity is run by Whiting School of Engineering, not by the CS department.

This is because computer science and computer security are two entirely different disciplines.

link
thwayunion 1337 days ago
Um... I can tell you've never spent time in academia ;-)
link
sirsinsalot 1339 days ago
Independent of if the criticism is valid, it isn't gender motivated.

I'll agree the criticism isn't valid.

I disagree about the invalid criticism being gender biased or motivated.

The subject just happens to be female. That doesn't exempt them from valid or invalid criticism.

This isn't difficult really.

link