看板Soft_Job
資訊安全人員是未來企業徵才趨勢
http://internationaleducationforum.blogspot.tw/2014/05/blog-post.html
提供一個在BBC新聞網上看到的訊息,有興趣的人可以走這個方向...
新聞原文我就不翻譯了^^|||
Every cloud has a silicon lining.
As the number and sophistication of cyber-attacks increase, so too does the demand for people who can prevent such digital incursions. Cyber-security is having a jobs boom.
But there aren't enough people with the necessary skills to become the next generation of cyber-cops.
According to the most recent US Bureau of Labor statistics, demand for graduate-level information security workers will rise by 37% in the next decade, more than twice the predicted rate of increase for the overall computer industry.
"Demand for information security analysts is expected to be very high," forecasts the US Department of Labor.
In response, private sector firms and governments have been hurrying to work with universities to fill the gap.
This includes an ambitious project by IBM to create a partnership of 200 universities to produce the missing expertise.
As well as US universities, this talent-raising project is involving students in Singapore, Malaysia, Germany and Poland.
Global battle
Marisa Viveros, IBM's vice-president for cyber-security innovation, says it is a response to a changing "threat landscape".
The increase in cloud and mobile computing has introduced more risk, she says. And there are more complex attacks being attempted than ever before.
Cyber security drill
Japanese officials carried out a cyber-security drill last week to test their response
"It's no longer about if an attack is going to happen, but when it's going to happen," she says.
Setting up a global university network with a wide range of skills, she says, is a natural response to a globalised problem.
The students trained in cyber-security will enter a relentless battle, says Ms Viveros.
Even before online products have been launched, there are attempts to hack them. And even relief funds for humanitarian disasters, such as earthquakes or typhoons, are under threat from hackers trying to steal donations, she says.
Mark Harris, an assistant professor at one of the participating universities, the University of Southern Carolina, says there has been a surge of student interest in cyber-security courses - not least because they stand a good chance of getting a job.
University threats
But Dr Harris says that it's also going to be a challenge for universities to keep up with the pace of change.
"Textbooks on the subject are out of date before they're published," he said.
According to the most recent monitoring report from IBM on the current levels of cyber-attacks, universities could do with some extra security themselves.
It shows that education faces a higher proportion of cyber-attacks than retail, consumer products or telecommunications.
Harvard's website
Harvard's website was hacked by the "Syrian Electronic Army"
The only areas with more attacks than education are governments, computer services, financial institutions and media firms.
When there are attacks it can affect large numbers of people. Last month the University of Maryland faced what it called a "sophisticated cyber-attack" which breached the records of more than 287,000 present and past students.
Shadow world
It's a shadowy parallel world - and adding to the slightly sci-fi sense of unseen danger, IBM has its own "X-Force" to monitor the latest threats.
According to its latest report, the X-Force Threat Intelligence Quarterly, half a billion individual records, such as emails or credit card passwords, were leaked last year.
The latest trends include "malvertising", where online advertising can be used to launch malicious attacks on computer users.
It warns of "drive-by downloads", where a browsing reader can accidentally download rogue computer programs.
There is also "spear phishing", where specific individuals or organisations are targeted with fake emails to obtain confidential information.
The report says that about one in 20 attacks uses the so-called "watering hole" strategy.
Rather than trying to break into an organisation's network directly, this targets other websites where people might regularly visit, with the aim of infecting their computers and trying to get the unwitting carrier to bring a virus back into their own network.
Dr Harris, at the University of South Carolina, says attackers are creating ever more complex threats.
"I've seen the level of sophistication grow. They're spending months working on a strategy, finding weak links, using external sites, looking for a back door."
"It's like a race," says IBM's Ms Viveros. "The system gets better, then the hackers understand it and they try to catch up.
S. Korea's Cyber Terror Response Center
Cyber-warfare is a new frontline: South Korea's Cyber Terror Response Center
"It's going to carry on being a problem."
Catching up
Not least because computer technology is central to so many places, such as financial markets, defence, health industries, energy supplies and the media.
"It's inside your business, inside your home," says Dr Harris.
An attack on such essential infrastructure would have profound implications. But there is no quick fix, according to the UK's spending watchdog, the National Audit Office, which last month warned it could take another 20 years to tackle the skills gap in trained cyber-security staff.
There has been a huge growth in undergraduate and postgraduate degree courses in the UK related to cyber-security, including so-called "ethical hacking", where students try to penetrate computer networks in order to reveal weaknesses in their defence.
And the UK government wants cyber-security to be "integral to education at all ages", announcing this month that there would be lessons for pupils from the age of 11 and plans for cyber-security apprenticeships.
Does all this scrambling for training mean that we should be worried about the cyber-threats?
"I know enough about this to be scared," says Dr Harris.Every cloud has a silicon lining.
As the number and sophistication of cyber-attacks increase, so too does the demand for people who can prevent such digital incursions. Cyber-security is having a jobs boom.
But there aren't enough people with the necessary skills to become the next generation of cyber-cops.
According to the most recent US Bureau of Labor statistics, demand for graduate-level information security workers will rise by 37% in the next decade, more than twice the predicted rate of increase for the overall computer industry.
"Demand for information security analysts is expected to be very high," forecasts the US Department of Labor.
In response, private sector firms and governments have been hurrying to work with universities to fill the gap.
This includes an ambitious project by IBM to create a partnership of 200 universities to produce the missing expertise.
As well as US universities, this talent-raising project is involving students in Singapore, Malaysia, Germany and Poland.
Global battle
Marisa Viveros, IBM's vice-president for cyber-security innovation, says it is a response to a changing "threat landscape".
The increase in cloud and mobile computing has introduced more risk, she says. And there are more complex attacks being attempted than ever before.
Cyber security drill
Japanese officials carried out a cyber-security drill last week to test their response
"It's no longer about if an attack is going to happen, but when it's going to happen," she says.
Setting up a global university network with a wide range of skills, she says, is a natural response to a globalised problem.
The students trained in cyber-security will enter a relentless battle, says Ms Viveros.
Even before online products have been launched, there are attempts to hack them. And even relief funds for humanitarian disasters, such as earthquakes or typhoons, are under threat from hackers trying to steal donations, she says.
Mark Harris, an assistant professor at one of the participating universities, the University of Southern Carolina, says there has been a surge of student interest in cyber-security courses - not least because they stand a good chance of getting a job.
University threats
But Dr Harris says that it's also going to be a challenge for universities to keep up with the pace of change.
"Textbooks on the subject are out of date before they're published," he said.
According to the most recent monitoring report from IBM on the current levels of cyber-attacks, universities could do with some extra security themselves.
It shows that education faces a higher proportion of cyber-attacks than retail, consumer products or telecommunications.
Harvard's website
Harvard's website was hacked by the "Syrian Electronic Army"
The only areas with more attacks than education are governments, computer services, financial institutions and media firms.
When there are attacks it can affect large numbers of people. Last month the University of Maryland faced what it called a "sophisticated cyber-attack" which breached the records of more than 287,000 present and past students.
Shadow world
It's a shadowy parallel world - and adding to the slightly sci-fi sense of unseen danger, IBM has its own "X-Force" to monitor the latest threats.
According to its latest report, the X-Force Threat Intelligence Quarterly, half a billion individual records, such as emails or credit card passwords, were leaked last year.
The latest trends include "malvertising", where online advertising can be used to launch malicious attacks on computer users.
It warns of "drive-by downloads", where a browsing reader can accidentally download rogue computer programs.
There is also "spear phishing", where specific individuals or organisations are targeted with fake emails to obtain confidential information.
The report says that about one in 20 attacks uses the so-called "watering hole" strategy.
Rather than trying to break into an organisation's network directly, this targets other websites where people might regularly visit, with the aim of infecting their computers and trying to get the unwitting carrier to bring a virus back into their own network.
Dr Harris, at the University of South Carolina, says attackers are creating ever more complex threats.
"I've seen the level of sophistication grow. They're spending months working on a strategy, finding weak links, using external sites, looking for a back door."
"It's like a race," says IBM's Ms Viveros. "The system gets better, then the hackers understand it and they try to catch up.
S. Korea's Cyber Terror Response Center
Cyber-warfare is a new frontline: South Korea's Cyber Terror Response Center
"It's going to carry on being a problem."
Catching up
Not least because computer technology is central to so many places, such as financial markets, defence, health industries, energy supplies and the media.
"It's inside your business, inside your home," says Dr Harris.
An attack on such essential infrastructure would have profound implications. But there is no quick fix, according to the UK's spending watchdog, the National Audit Office, which last month warned it could take another 20 years to tackle the skills gap in trained cyber-security staff.
There has been a huge growth in undergraduate and postgraduate degree courses in the UK related to cyber-security, including so-called "ethical hacking", where students try to penetrate computer networks in order to reveal weaknesses in their defence.
And the UK government wants cyber-security to be "integral to education at all ages", announcing this month that there would be lessons for pupils from the age of 11 and plans for cyber-security apprenticeships.
Does all this scrambling for training mean that we should be worried about the cyber-threats?
"I know enough about this to be scared," says Dr Harris.
--
http://internationaleducationforum.blogspot.tw/2014/05/blog-post_2500.html
※ 批踢踢實業坊(ptt.cc), 來自: 123.193.54.43※ 文章網址: https://www.ptt.cc/bbs/Soft_Job/M.1399557529.A.1ED.html
→ IhateOGC:我不太懂台灣MIS和資安工程師差別...T_T 05/08 22:35
→ KUASkako:樓上 去某防毒就有感覺了XDD 05/08 23:36
→ alexlucifer:可能都要OnCall~~XD 05/09 08:24
推 zxcvboy:先解決盜版吧... 05/09 11:40
推 f124:台灣有台灣的玩法 05/09 11:56
→ zingaro:也許是世界的未來,但不是台灣的未來。 05/09 20:00
→ DrTech:沒錯,軟體沙漠自然有沙漠的玩法。 05/10 02:51
推 ninepoints:保全跟保鑣的價錢差很多,功能也差很多 05/10 11:07
→ viper9709:樓上有梗XD 05/10 11:08
→ easier:保全與保鏢xddd 05/10 14:48
→ easier:今天的報導: 比利時外交部電腦被駭客入侵(想竊取政治文件 05/10 23:16