Successfully reported this slideshow.
ICT Security Human Resources        Budi Rahardjo     Institut Teknologi Bandung         br@paume.itb.ac.id
Current Situation• The need for IT Security Professionals• But, not enough human resources available  locally    Need init...
Stakeholders / Positions To Be Filled• Industry                    • Military  – Banking,                     – Cybertroop...
Level of Competence (Dreyfus & Dreyfus)1. Novice   Rule-based behaviour, strongly limited and inflexible2. Experienced Beg...
America’s National Initiative for Cybersecurity Education (NICE) Strategic Plan,August 11, 2011
Certification vs. Formal Education  similar to software engineeringCertification               Formal Education• Too many ...
Suggested Initiatives• More security courses at universities• Security training at different level (from  awareness to adv...
Info Security Grad Programme at ITB• Two paths  – InfoSec Engineering  – InfoSec Governance• Facilities (Cybersecurity Cen...
Concluding Remarks•   We have become too dependent on IT•   Security is a major concern•   IT security is still a new fiel...
IT Security Human Resources
Upcoming SlideShare
Loading in …5
×

IT Security Human Resources

744 views

Published on

T

Published in: Education
  • Be the first to comment

  • Be the first to like this

IT Security Human Resources

  1. 1. ICT Security Human Resources Budi Rahardjo Institut Teknologi Bandung br@paume.itb.ac.id
  2. 2. Current Situation• The need for IT Security Professionals• But, not enough human resources available locally Need initiatives, strategies, to solve this challenge
  3. 3. Stakeholders / Positions To Be Filled• Industry • Military – Banking, – Cybertroops Telecommunication, e- Commerce, companies in general To Do:• Government Must map current and – Policy makers projected need• Academics – Researchers, inventors, Lecturers, Teachers
  4. 4. Level of Competence (Dreyfus & Dreyfus)1. Novice Rule-based behaviour, strongly limited and inflexible2. Experienced Beginner Incorporates aspects of the situation3. Practitioner Acting consciously from long-term goals and plans4. Knowledgeable practitioner Sees the situation as a whole and acts from personal conviction5. Expert Has intuitive understanding of situation and zooms in on central aspects
  5. 5. America’s National Initiative for Cybersecurity Education (NICE) Strategic Plan,August 11, 2011
  6. 6. Certification vs. Formal Education similar to software engineeringCertification Formal Education• Too many certifications • Has just started• Widely diverse • Still a new field• Not standard (yet) • Not available in most places• Expensive • Not recognized (yet) by the industry
  7. 7. Suggested Initiatives• More security courses at universities• Security training at different level (from awareness to advanced skill)• Security forum / sharing / conferences• Incentives for certification• Inexpensive certification• Regulation to make sure security is considered
  8. 8. Info Security Grad Programme at ITB• Two paths – InfoSec Engineering – InfoSec Governance• Facilities (Cybersecurity Center) – Malware lab (virus, botnet, honeypot) – Forensic lab• Opening Agustus 2013
  9. 9. Concluding Remarks• We have become too dependent on IT• Security is a major concern• IT security is still a new field• Professionals are in demand• Must fill the gap quickly

×