Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered


Training? (3, Interesting)

WrongSizeGlass (838941) | about 4 years ago | (#31612042)

Shouldn't they be recruiting them from the trenches or simply luring script kiddies into the evil clutches of our federal government with promises of "no bedtimes", "free games, pizza & soda" and "no one here will make fun of you because everyone here will be like you"?

Re:Training? (1)

santax (1541065) | about 4 years ago | (#31612090)

Yes unfortunate for some very bad people high up there in the ranks, the guys clever enough to do that job often have ethic values. (that prohibit them from doing evil. But I could have stopped after ethic values.)

Re:Training? (0)

Anonymous Coward | about 4 years ago | (#31613460)

Reality check:

Who cares about ethics when taking a low paying, contractor security job also means being on call 24/7, providing regular urinalysis samples, being audited for everything under the sun and working for a political douchbag who gets paid to breed. Not going to happen.

Re:Training? (0)

Anonymous Coward | about 4 years ago | (#31614010)

So! Who wants to spend money on a four year degree so they can be a fall guy for a crooked government bureaucrat and never get a job in their career field again?

Re:Training? (0)

Anonymous Coward | about 4 years ago | (#31612800)

Or just offer more money? Seriously, if you need x people with a certain skill, and you can only find y We don't just "run out" of people with skills; a perceived shortage just means the opportunities aren't tempting.

Re:Training? (2, Insightful)

Grishnakh (216268) | about 4 years ago | (#31614026)

Exactly. There is NEVER a such thing as a "shortage" of workers (unless a massive plague has struck, perhaps). There's only a "shortage" because the employers don't want to pay enough for people to want to enter the field. Many technical fields require significant education and experience, and this takes many years to build up to; if they're not going to pay enough to make it worthwhile, no one's going to bother entering the field. And if they're constantly firing people every time there's a downturn, making that career extremely unstable, then they need to pay EVEN MORE to get people to come back to it for the short periods where they're hiring instead of firing.

Re:Training? (0)

Anonymous Coward | about 4 years ago | (#31618940)

Or maybe not very many people want to take part in the obvious lie that is "cyber security". Technical people can see that the fear mongering is so overdone, and geared towards the 60+ crowd that don't know much about computers and think you could bring down the entire power grid via the WWW.

I'd say it's a pretty promising thing that the Department of Fatherland Security are having a hard time recruiting enough cyber spies.

Nice try... (1, Troll)

couchslug (175151) | about 4 years ago | (#31612072)

Nice try, but the public prefer jock-sniffing to everything else.

Besides, why train more people and drive down the wages of those who had the initiative to learn on their own? Businesses exist to fuck over their employees, so said employees should not dilute their advantage.

Your only "job security" is hoarding knowledge.

Re:Nice try... (1)

The Mighty Buzzard (878441) | about 4 years ago | (#31613422)

Did you seriously just go so far socialist that you came back to capitalist from the other side? Who the hell mods something this retarded Insightful?

Let me splain. No, is too much. Let me sum up. Businesses exist to make money. Period. Employees are paid to help the business do that. Businesses owe their employees nothing aside from the pay they've earned. Employees owe the businesses nothing aside from the work they're paid for.

If your employer tells you to train Bob to not be such a noobass in security and you half-ass it for job security reasons... Well, I hope you like unemployment lines because you just either looked like you didn't know your job or deliberately didn't do your job. Neither is conducive to longterm employment.

Re:Nice try... (0)

Anonymous Coward | about 4 years ago | (#31615842)

...Businesses exist to make money. Period. Employees are paid to help the business do that. Businesses owe their employees nothing aside from the pay they've earned. Employees owe the businesses nothing aside from the work they're paid for.

Can't disagree.

However, once upon a time, there were ideals which included gratitude, sacrifice, and loyalty, that used to be a part of the picture.

Those ideals used to carry some real weight, that mattered in the employee-employer relationship.

People actually helped other people through hard times, and they were rewarded for that behavior in good times.

What happened? How did we as people lose sight of those ideals? Or, was it just an illusion?

If not, is it possible begin teaching ourselves that those ideals are important, and have a place in the relationship between employees, and employers?

Or, has that ship sailed for good?

Re:Nice try... (1)

The Mighty Buzzard (878441) | about 4 years ago | (#31618730)

Easy question, easy answer. Give loyalty to your employees and you can realistically expect to be able to demand it in return. Don't and, well...

Re:Nice try... (1)

stonewolf (234392) | about 4 years ago | (#31616900)

you are correct. But, there is another way of looking at it that most people don't seem to understand.

Let me try this on you. If my job is doing X for company Y. That is my job and I get paid for it. If the boss comes in and tells me to train JimBob DumbAss to do my job I have a perfect right to say "no". I also have the right to say, "what is it worth to you?" And, if the boss says something like, "you get to keep you job". You have a perfect right to say "fuck you" and walk away.

I've had a few lessons on what the "boss" thinks he can get away with just because he is the boss and you are the serf. The first time it was over a short pay check. Seems I had worked too many hours one week. IIRC it was 105 hours. I worked it because no one else showed up. I worked it because the owner personally asked me to do it and thanked me for doing it. When I pointed out the difference between what I had been paid and the hours I worked he laughed. He asked me if I could prove I worked those hours? He had the only copy of my time card. I could not prove anything.

You know what? That dumb son of a bitch actually kept me working for him. Why would he not keep me on? I was one of two employees who actually showed up. From then on I kept personal copies of my time cards. Since the statute of limitations has long passed I feel free to say that he actually did pay me for those hours, at double time. I kept careful books to make sure I only got what was owed me. When you treat your employees the way you describe, then they will treat your company the way I did.

Yeah, I was lucky to learn that lesson when I was only 19. It has served me well.

The next time I was part of a software development team working on a product that we were told was critical to the survival of the company. One day we were called into a room and told that from today and until the product shipped we were going to a mandatory 60 hour work week. We would be required to work 12 hours/day. One of the days would be a Saturday or Sunday. We could take one day off during the other 5 week days if we were ahead of schedule and not needed for meetings or scheduled for testing. Turns out there were two scheduled meetings every day. So, we were really being told to work 72 hours/week.

Silence fell over the room like crap out of the back end of a steer. People were looking around at each other. A few people started to say something, but then you would see their shoulders slump and they put their heads down. (I was sitting way in the back of the room so I could only see them from the back.) The boss was starting to look happy when I asked a simple question. You see, I had learned the rules back when I was 19. I asked "What is in this for us?"

"What?" was his reply.

"Right now it looks like I would be better off looking for a new job, Why do you think we are going to do this?"

The boss looked startled and replied "If we don't get this done the division will not make its numbers and the division could be shut down". (It turned out that that really meant that the VP would lose his bonus for the year.)

I turned it around, "so if we do this we get nothing and still might lose our jobs. If we don't do this we get paid until you shut the place down and then you and all the rest of management lose your jobs too." In other words. If we do not cooperate you will lose your job. But, we could lose our jobs whether we do this or not.

"I'm not doing it unless you pay me by the hour for every hour I work. And, I want over time." . Some of the other people in the room were getting a very interesting look in their eyes. The rest were trying to hide under their chairs.

He put on a stern face and in the same tone of voice you use to tell a child that he must finish his home work before he can play video games he said, "you are an exempt employee, you don't get paid by the hour and you don't get over time."

"I do not give a about that are only there to keep me from getting paid for my work. You will pay me by the hour if you want me to work those hours." There were a number shouts of support for me and my point of view and the boss, standing there with his eyes bugging out and his mouth gaping open, ended the meeting right then.

We went back to work. A couple of hours later the boss came around, gathered us all together, and told us that he could offer us straight time plus bonus pay up to a maximum hourly rate so the new guys would benefit more than the older guys but that was the offer. And, btw, the deal is off is you tell anyone about it. This is the only group that is getting this deal. We took the deal. I got paid for every hour I worked until the end of the project, plus bonus time. And, that included the time I spent eating lunch.

So what happened after that? We did not keep it quiet. But, management did not offer the deal to any other group. No one in the other groups was willing to stand up and demand it. They just asked once, were told no, and went back to work like good little "exempt employees". I did not get fired. Everyone I worked with, and my wife, expected me to be fired. For the rest of the time I worked there I got stellar reviews and great raises. I got a lot more respect that I had ever gotten before. When I decided to leave and go back to school there final offer to get me to stay included being moved into management. When I finished graduate school the same old boss called me up and offered me a job. At the time, that company was in a company wide hiring freeze, but they wanted me back he had corporate level permission to do it. Most of the guys I worked with on that project had been laid off.

That was the second lesson. The bosses respect and value people who refuse to be treated as serfs.

I really think it is important to point out that the employee is *always* entitled to negotiate over any assignment they are given. They can ask for more money. They can ask for anything they want at any time. You are in business and the simple fact that you are already working their makes you worth more than someone who has to be hired and trained in any way.

I hope you realize that I am not disagreeing with you. I am just pointing some details I feel you left out.


Re:Nice try... (1)

The Mighty Buzzard (878441) | about 4 years ago | (#31618800)

I hope you realize that I am not disagreeing with you. I am just pointing some details I feel you left out.

Yep, cheers.

The bosses respect and value people who refuse to be treated as serfs.

Goes beyond bosses. Nobody respects weakness.

When you treat your employees the way you describe, then they will treat your company the way I did.

I just gave the baseline. Violate it at your own peril, from either side of the equation, as your boss should have known. What you can negotiate beyond that is between the two of you.

Re:Nice try... (0)

Anonymous Coward | about 4 years ago | (#31614600)

your only job security is the skilled application of your craft

Re:Nice try... (1)

couchslug (175151) | about 4 years ago | (#31615772)

"your only job security is the skilled application of your craft"

In a perfect world, honest virtue is rewarded.

In the real world, doing what your employer wants is what give him reason to keep you. What that is can be professional or not, and can be utterly divorced from anything one might regard as common sense.

Re:Nice try... (1)

stonewolf (234392) | about 4 years ago | (#31616970)

Nope, there is no job security.

Repeat after me, there is no job security, there is no job security, there is no job security.

Repeat it a thousand times. Make it you mantra. When you finally believe it you will have changed your life for the better.


Easy solution (3, Funny)

Skyshadow (508) | about 4 years ago | (#31612080)

We'll just recruit our cybersecurity from the obvious source: China.

I, er, hear they may have some relevant experience.

No problem (3, Funny)

oldspewey (1303305) | about 4 years ago | (#31612082)

I'm sure the US can just hire some of those well-trained and eager Chinese cybersecurity experts who seem friendly and anxious to come across on H1 visa.

They're not seeing a primary source. (3, Interesting)

rindeee (530084) | about 4 years ago | (#31612124)

Working in the industry and hiring new Cyber talent on a weekly basis, I'd say that the author's aren't looking in the right place. We find the best, most talented folks are coming out of the military. These ladies and gentlemen are very disciplined, highly trained and have real (very real) experience not only within the ranks of military cyber operations, but most also have a good deal of experience in the intelligence community. They all have a great deal of experience (and preference) with open source tools, but understand the proper application and integration of COTS products as well. Anyway, my two cents.

Re:They're not seeing a primary source. (3, Interesting)

Anonymous Coward | about 4 years ago | (#31612500)

That might be the case, but it's equally as hard to find a cyber security job. I graduated from a Center of Excellence with a Master's in Computer Security and Information Assurance. Due to the scholarship I've been working with DoD and I've gained my clearance through them. I've sent job applications to NSA, DHS, ARL, NRL, DARPA, etc. and have not heard one response aside from DHS saying I wasn't the most qualified candidate. I even have my 8570 certifications now for IAT 2. Everything is so C&A focused it's a bear to find any real cyber security work - I've certainly been trying to move toward it. Maybe I'm doing it wrong, but from my experience the job positions just aren't there, regardless of need.

Re:They're not seeing a primary source. (2)

dremspider (562073) | about 4 years ago | (#31612620)

Look at contractors working for the government. In my experience that is where a lot of the jobs are. I know where I work, they are always looking for talent.

Re:They're not seeing a primary source. (1)

oldspewey (1303305) | about 4 years ago | (#31613214)

Just add Cantonese or Mandarin to your list of qualifications and you should be able to get a good cybersecurity job in a snap.

Re:They're not seeing a primary source. (1)

The Mighty Buzzard (878441) | about 4 years ago | (#31613502)

Yup, security doesn't directly generate revenue, so it's often left way, way down the priorities list for management. That's assuming they even know enough about cybersecurity to know if they're hiring the right person should they decide it's a good idea.

Re:They're not seeing a primary source. (1)

chill (34294) | about 4 years ago | (#31613566)

CISSP, CISM, CISA certifications help. But right now, a lot of them are focusing on EXPERIENCE, not college degrees.

Re:They're not seeing a primary source. (1)

crypticwun (1735798) | about 4 years ago | (#31614752)

Search for "2210", "1550", or similar "interdisciplinary" cyber jobs within DHS NPPD:
JobID=86515922 JobTitle=INTERDISCIPLINARY+(CYBER) [usajobs.gov]
JobID=86667657 JobTitle=INTERDISCIPLINARY+(CYBER) [usajobs.gov]
JobID=86642799 JobTitle=INTERDISCIPLINARY+(CYBER) [usajobs.gov]

Re:They're not seeing a primary source. (1, Informative)

Anonymous Coward | about 4 years ago | (#31616110)

DHS is one of the worst organizations at hiring out of College. Everyone is hyping the college programs, but they won't hire out of them due to a lack of experience. I'm already technically a 1550 but still don't have the experience to transition to an organization like DHS to do the cyber jobs.

Re:They're not seeing a primary source. (2, Interesting)

girlintraining (1395911) | about 4 years ago | (#31613344)

The best, most talented aren't coming out of the military. The military has some stringent guidelines on physical health and background that a lot of people don't make the grade for, but nonetheless are well-suited for the work. Anyone with asthma, short-sighted, or is gay, or bad credit, etc., are all ineligible for military work. I should know -- I am one of those "cyber security" experts, and I did look into joining the military, but was ruled ineligible. The talent pool that the military can recruit from is significantly smaller than total pool size.

And as anyone in IT will tell you, overspecialization can kill your career; You need to remain flexible, continually expanding your skillset, and often find yourself in peripheral fields because a job isn't available in your field of choice. Many of us wind up taking help desk positions when five years ago we would have been network administrators, simply because of consolidation, outsourcing, and the fact that IT in general does poorly in a recessionary economy. A lot of that talent we had moved into other fields that have better job security, and they are no longer trained to current requirements. This is a side-effect of capitalism and is neither good nor bad, but it does shrink the pool size.

If the Department of Homeland Security wants more people to choose from, they need to either lower their requirements to what the job actually requires, or they need to consider liasoning with the Department of Commerce, trade, etc., and funding IT projects that will bring people back into the field and increase the pool of currently-trained and available workers, or they raise the amount they're willing to pay, offer training, etc.; Like the medical field does. The Department of Homeland Security needs to offer a career path, not just a job, in that scenario. Otherwise, what's the point?

Re:They're not seeing a primary source. (0)

Anonymous Coward | about 4 years ago | (#31613802)

anyone with asthma, short-sighted, or is gay, or bad credit, etc., are all ineligible for military work

More bullshit. The military doesn't care if you have bad-credit, even has a system for helping you manage debt. They will accept people with asthma provided they can still handle the physical training, and short-sighted only gets your disqualified if you are almost blind. Plenty of military personnel wear glasses and the military will often pay for corrective surgery if you want it.

Someday you will learn that you can't take your limited experiences of the world and turn them into overly broad statements of fact about entire processes and organizations.

Re:They're not seeing a primary source. (2, Informative)

girlintraining (1395911) | about 4 years ago | (#31614102)

More bullshit. The military doesn't care if you have bad-credit, even has a system for helping you manage debt. They will accept people with asthma provided they can still handle the physical training, and short-sighted only gets your disqualified if you are almost blind. Plenty of military personnel wear glasses and the military will often pay for corrective surgery if you want it.

Enlistment standards [about.com] .

Bad credit: "Any recruit who's monthly consumer debts (not counting debts which can be deferred, such as student loans) exceeds 40 percent of his/her anticipated military pay is ineligible for enlistment."

Asthma: Disqualifying [about.com] .

Short-sighted: Having eye surgery can disqualify you, actually [about.com] . Also, being short-sighted can disqualify you, if your vision can't be corrected to within 20/40 [about.com] . Even if vision can be corrected, a wide variety of common eye problems can disqualify you, including night-blindness.

Someday you will learn that you can't take your limited experiences of the world and turn them into overly broad statements of fact about entire processes and organizations.

Hugs and kisses.

Re:They're not seeing a primary source. (1)

Grishnakh (216268) | about 4 years ago | (#31614176)

Do they still disqualify people with flat feet? That one would keep me out.

And how is someone with asthma going to handle physical training without having their inhaler on them at all times? Surely that's not allowed in basic training: "hold on, I can't crawl under the barbed wire obstacle yet, I need to take a break with my inhaler." I'm not saying asthmatics can't handle physical activity, they just can't handle it at the pace that other people do. I'm sure they could hike the Grand Canyon just fine if properly prepared and if they take plenty of breaks along the way, but basic training isn't like that.

Re:They're not seeing a primary source. (1)

Simulant (528590) | about 4 years ago | (#31613416)

    Most importantly for you, probably, is that they already have expensive clearances. A clearance appears to be worth more than experience to many defense contractors.

Re:They're not seeing a primary source. (3, Insightful)

centuren (106470) | about 4 years ago | (#31614150)

The whole statement seems to show a wildly inaccurate perspective on how education and industry go together:

"Homeland Security's cybersecurity director, Richard Marshall, warns that universities aren't turning out enough cybersecurity experts and urges greater scholarship funding.

Universities do not turn out experts, period. If one needs more national security experts, the place to look isn't for upcoming graduates from Harvard's "Department of National Security", because no such thing exists. Hopefully, 4-year degrees in cybersecurity don't/won't exist, either. Universities educate students, giving them knowledge and skills to put them in a situation where they can be trained into these rolls. I went to an engineering school, and the CIA had a booth at the job fair every year, and 3 or 4 of my friends interned with the NSA, at least one of whom accepted a job there after he finished his graduate degree(s).

Richard Marshall's statement seems absurd; if they need more cybersecurity experts then they should recruit and train more people. With today's unemployment rate, it's not like there aren't people with the education out there looking for jobs. If you want more experts, hire people and train them. Scholarships might put more inexperienced graduates into the hiring pool, but does nothing to produce more cybersecurity experts. People in Marshall's position need to start realizing that companies and agencies alike invest in developing employees when it comes to jobs as specific as cybersecurity. Just throwing more certification graduates into the world isn't likely to improve anything.

All it takes... (3, Insightful)

garyisabusyguy (732330) | about 4 years ago | (#31612128)

...is state subsidized computer "crime" education.

Israel has had state sponsored training for decades and looky looky they have plenty of forensic experts...

In the US we threaten anybody that touches these tools with prison and let the mpaa sue Professors that attempt to study anything remotely like security.

Yeah, it's about the money (4, Insightful)

HockeyPuck (141947) | about 4 years ago | (#31612142)

Starting salary at IBM is about $50k.
Additional Compensation:
---Employee Stock Purchase Plan.
---Options (maybe)
    Pre-requisites: Atleast 4 years of college, optional advanced degrees. Experience with security and engineering solutions.

Starting Salary of Lebron James: ~$4m per year.
Additional Compensation:
---$90m Nike Contract
      Pre-requisites: Ability to dribble and score with a basketball better than any other kid in high school.

Which would you choose?

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31612284)

Starting Salary of Lebron James: ~$4m per year.
Additional Compensation:
---$90m Nike Contract
Pre-requisites: Ability to dribble and score with a basketball better than any other kid in high school.
No pasty white guys please

Which would you choose?

FTFY/There go my chances...

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31614232)

That's just basketball; there's plenty of high-paying sports that pasty white guys gravitate to more, such as auto racing, baseball, football, etc..

Re:Yeah, it's about the money (1)

garyisabusyguy (732330) | about 4 years ago | (#31612342)

Sure... sure... However, IBM has about 400,000 employees, probably bringin on a few thousand out of each graduating class.

There is usually only one or two 'Lebrons' that show up in a graduating class.

IF we taught mathmatics and statistics to our children, then the choice to go with the (relatively) certain tech job over the (totally) unlikely NBA career would be obvious.

Unfortunately we don't, and our youth suffer as a result

btw, anybody seen 'Hoop Dreams'?

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31614374)

Sure... sure... However, IBM has about 400,000 employees, probably bringin on a few thousand out of each graduating class.

And how many of those are foreign nationals? Only a portion of IBM's employee base is engineers and programmers; many more are marketing people, HR people, finance people, sales people, managers, executives, etc. Of those that are engineers and programmers, I'd guess most of them are foreign nationals, and these days, most of them physically live in India. This isn't helpful for a US Government position.

IF we taught mathmatics and statistics to our children, then the choice to go with the (relatively) certain tech job over the (totally) unlikely NBA career would be obvious.

We DO teach math and statistics to our children. We might not force them to take calculus in high school, but it's usually available (I took it in HS, for instance) for those who are interested. The problem is interest: why should kids be interested in math? They don't need it for a career as a sports star, or a singer on American Idol, or a model, or a movie star, etc. Sure, most kids aren't going to succeed in reaching those careers, but they'd rather try for that than waste time getting many years of education for a job that pays $50k. If they're smart and know better than to gamble their life on a chance at American Idol, and are willing to spend many years in school for a career, they're going to become a doctor or lawyer, because they make far more money, and don't get laid off when the company has a bad quarter. If they're happy with $50k, then why bother with years of education? You can make more than that handling luggage at the airport, or waiting tables at a high-end restaurant, with zero education.

We as a society have taught our children that it simply isn't worth it going into a technical job, because we don't want to pay for that skill to make the education worthwhile. We need to accept this and stop trying to change it, and just realize that in the future, all the technical work will be done in China and India and that our future careers will be as service workers.

Re:Yeah, it's about the money (1)

ThrowAwaySociety (1351793) | about 4 years ago | (#31615176)

Sure... sure... However, IBM has about 400,000 employees, probably bringin on a few thousand out of each graduating class.

There is usually only one or two 'Lebrons' that show up in a graduating class.

IF we taught mathmatics and statistics to our children, then the choice to go with the (relatively) certain tech job over the (totally) unlikely NBA career would be obvious.

Unfortunately we don't, and our youth suffer as a result

btw, anybody seen 'Hoop Dreams'?

These days, IBM only really hires sales staff and in the US. There are a few legacy technical employees, and a few technical contractors, but they have essentially announced that all new technical staff will be overseas.

I'd say your chances of playing professional b-ball are about as good as your chances of getting hired as an engineer at Big Blue.

Re:Yeah, it's about the money (3, Insightful)

Skyshadow (508) | about 4 years ago | (#31612408)

Lebron James is one of the best basketball players ever to live, not just some run-of-the-mill pickup player.

Let's make a slightly more appropriate comparison: Samuel Palmisano, CEO of IBM, made $1.8 million last year, plus a bonus of $4.75 million and $13.5 million in stock options. So really, the top performers in tech don't really do so poorly either, especially considering that their career is probably a bit longer than Lebron's.

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31612518)

I recommend Andre Agassi's bio "Open" [amazon.com] to anyone who thinks that being a professional athlete is just a matter of having fun.

Here's a guy with natural talent who still had to bust his ass to the point of breaking and even then, age caught up with him.

Re:Yeah, it's about the money (1)

The Mighty Buzzard (878441) | about 4 years ago | (#31613548)

True, but Lebron's job is way better at attracting slutty hotties. Gotta have your priorities.

Re:Yeah, it's about the money (1)

FlyingBishop (1293238) | about 4 years ago | (#31613934)

Once you're at the level of Palmisano, it doesn't fucking matter. It's the difference between 100,000 slutty hotties and 1,000. It's still far more than you're capable of taking advantage of.

And the longevity argument is probably even more applicable here, since even assuming James manages his money well, in 10 years he will have no more sex appeal than Palmisano.

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31614424)

Except that no true engineers or programmers get to the level of Palmisano. Only sociopathic manager-types can rise up the ranks like that. So this really isn't a valid comparison. With very, very few exceptions, CEOs are not former engineers (and those that are, were never really serious engineers anyway; they hopped into the management track as soon as they could). If you want to be another Palmisano, you need to get an MBA degree, not a EE/CpE/CS degree.

Re:Yeah, it's about the money (1)

FlyingBishop (1293238) | about 4 years ago | (#31615024)

Well, no, but a high-end IT salary is more than sufficient for most purposes so long as you aren't a total dick. (And even then, you're in pretty good shape.)

You can't sleep with a different chick each night, but if your angle is hedonistic abuse of wealth, you'll do alright.

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31615652)

Yes, a high-end IT salary isn't bad, but there's a lot of other jobs where you can get the same money with much less education. THAT's why kids don't bother with it, unless they really like computers.

I'm a software engineer myself. The reason I went into this career is because I've been obsessed with computers and electronics since I was 8, and also because it pays decently and beats doing a lot of other mind-numbing jobs. Most people aren't that interested in a subject like that, and are looking at things more pragmatically when they finish high school: what jobs can I get, what education do they require, and how much do they pay? Engineering-type jobs don't work out very well on that list, unless you have a serious personal interest in it; the educational requirements are too high for the reward you get at the end (even with a BS degree in engineering, you're going to spend all your time studying while all your friends with Business and liberal arts majors are going to be partying every weekend).

You can't sleep with a different chick each night, but if your angle is hedonistic abuse of wealth, you'll do alright.

You'll do better if you major in business: you can sleep with lots of chicks in college (unlike your engineering friends who have to stay up all night doing projects), you actually get to go to classes with girls in them (engineering classes are male-only), and you'll make at least as much money in your career, with the potential for a lot more if you do well in management. You also don't have to understand multivariable calculus or differential equations to get a business degree.

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31617706)

yahoo disagrees

Re:Yeah, it's about the money (1)

bughunter (10093) | about 4 years ago | (#31613680)

I believe the point was more about influence on the career choices of youth, not statistical likelihood.

Re:Yeah, it's about the money (1, Interesting)

Anonymous Coward | about 4 years ago | (#31612484)

I see your point but the contrast isn't always that stark.

I recently quit my job as an IT Manager for a large resort. I was expelled from school in the 8th grade and never got a GED. When I quit I was making $50k. Never a day of college in my life.

There is a small cache of people out there that hold many things higher on the ladder than money that also put their convictions into practice..... of course, if I would have had a wife and children, I probably wouldn't have made the decision to quit--- just for their sake... but since it was just me, I felt that although I did a great deal of work there, that my 'work' didn't really qualify in the way I wanted it to... What I am saying is that I felt it was wrong for me, being 24 years old, to be making over double that of which so many people there, double my age were making, when in fact they put in more physical work in 1 single day than I did in an entire week. It became a daily struggle to have to fend off the mental insinuations ushered in by the rest of the management there that I was 'better' than the other people simply because my skillset allowed me to circumvent hard honest labor while exceeding the contemptuous honest laborers in monetary gain.

What I am trying to say is that people making millions of dollars for contributing so little to society are doing a massive disservice to themselves in the long run. When they have to look back on their lives I am pretty sure it is a tough experience if they are honest with themselves-- and the alternative is just lying to yourself which also takes its toll on you, mentally. No amount of money can ever satisfy the troubled, guilty conscience. Ever wonder why so many 'successful' people are miserable bitter substance abusers?

About a year after quitting that job I read this quote and it expressed my feelings very well:

Governor Washburn of Wisconsin in his annual message, January 9, 1873, declared: "Some law seems to be required to break up the schools where gamblers are made. These are everywhere. Even the church (unwittingly, no doubt) is sometimes found doing the work of the devil. Gift concerts, gift enterprises and raffles, sometimes in aid of religious or charitable objects, but often for less worthy purposes, lotteries, prize packages, etc., are all devices to obtain money without value received. Nothing is so demoralizing or intoxicating, particularly to the young, as the acquisition of money or property without labor. Respectable people engaging in these change enterprises, and easing their consciences with the reflection that the money is to go to a good object, it is not strange that the youth of the state should so often fall into the habits which the excitement of games of hazard is almost certain to engender."

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31613342)

You sir, are an idiot. You call physical labor honest and imply that your job as an IT manager was somehow dishonest merely because it paid a higher salary. You obviously do not understand supply and demand. There is a much larger supply of physical labor than there is a supply of IT managers. Do you think any of the physical laborers could have done your IT manager job? If you think so, then the problem was entirely of your own making, as you lack the experience to understand that not everyone is created equal. Some people *are* better at certain things than others. But perhaps the real reason you quit was that you knew you were a shitty IT manager and were in above your head and wanted to blame it on some moral high ground instead of the fact that you lied on your resume to the get the job and didn't really know what you were doing.

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31614108)

I am not at all saying that there is something dishonest about being a skilled IT person. Not at all. My situation is not like most other peoples. When I was expelled from school I was already working at a computer shop. By the time I was 16 I became the head technician. I was a very arrogant kid- at the age of 16 I had long ago realized that my bosses were incapable of doing the technical work, so I used that as leverage against them to get what I wanted. When I was 17 the new main owner of the small shop decided that he wasn't going to be manipulated by some kid, and he gave me an ultimatum- I called his bluff and quit at a very bad time for them (at that point I was their only capable full time tech). The town was rather small and I knew almost every tech in it, I was pretty certain they wouldn't find a replacement for me. A month later the business which had been open for several years had to close it's doors. Why? Simply because I quit? No. There were other problems, but my leaving was a sizably contributing factor in the mix.

That same sort of arrogance on my part didn't end there, but when I got to around the age of 20 I began to see how incredibly empty and pointless it was to laud my knowledge above others... I began to see that many of the hoary haired people that had been trying to give me advice for all those years were correct-- I began to realize that many of them (that I thought I was smarter or more knowledgeable than) were in my very same position only a handful of years earlier--- they knew tons and tons that I didn't, and although most of their knowledge was now obsolete, mine would be also in a few years.

I am not saying that it is 'wrong' to be a skilled IT person and that it is right to be an 'unskilled' day laborer, but I am saying that in my case I knew for a fact that my work ethics which I prided myself on for so long were in reality very flimsy. When I compared my life to almost everyone else's I found that I had lived a life knowing very little to no want. Almost everything had always been provided for me, I never had to do a hard days labor for anything.... that worried me, because I believed, and still believe, that people don't really know what they are made of until they are put in trying circumstances, and by keeping myself isolated from such trials I was only molding myself into someone that would be unprepared to handle tough times should they ever occur.

So I worked there for a little over a year... I took a year long break from computers to really reflect on what I wanted to do with my life. Most of my family and friends thought I was insane. Maybe I was/am. Now, I am doing basically the same thing I was, but as a volunteer making hardly any money and far less prestige... Don't think that I think I am some great person with impeccable morals, I'm not, at all... I've said to myself many a time what you said, 'I'm an idiot.' when I contemplate how absurd it was for me to leave that position....... but I am quite certain that had I continued on my course there I would have dug myself into a terrible hole- I wasted every dollar I made there on alcohol, coke, pot, guns, guitars, and ammo, probably in that order. Being addicted foremost to success, though, is such a snare- when we define ourselves by what we do, or what we have, we overlook the most important common denominator and the only thing that, IMO, truly matters- that thing that no amount of wealth can secure or create-- that we are all humans, all equally deserving of the same things- life, liberty, privacy. When we put that on the backburner and began to evaluate each other upon all the other external labels we lose, IMO, the very essence of humanity itself.

I think most of this started because one day, years ago, I began to really muse on something: What if today, through some horrible mishap, I lost both of my arms? You know that sort of thing happens to a lot of people- every day... If I spent my entire life building up my plans for my future upon the basis of the fact that I could use my hands to type and plug cables into things-- then really, ultimately, what am I? Is that all I am? My heart breaks for so many talented beautiful people that hinge their future upon their looks- it is so fleeting. What happens when you no longer have that perfect smile, that perfect body? The same society that once applauded you now puts you in a corner and labels you a wash up, a has been- etc. But underneath all of that you are still something so much more infinitely important-- the question is, have you at that point become so thoroughly indoctrinated by society and yourself over the past several years that you can no longer see it?

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31614538)

You sound exactly like the kid in "Into the Wild", who ended up going to Alaska to "find himself" and stupidly starved to death.

Here's a few tips:
"My heart breaks for so many talented beautiful people that hinge their future upon their looks- it is so fleeting. What happens when you no longer have that perfect smile, that perfect body?"

If you're smart, you save up all the money you make while you have your looks (or whatever other valuable skill you have), so that when it goes away, you can live comfortably on your savings. Some celebrities are good at this, and retire with plenty of money so they don't have to work again, and others stupidly blow all their money as fast as they earn it just to become washed-up later and having to appear on Sleep Number ads to make ends meet.

but I am quite certain that had I continued on my course there I would have dug myself into a terrible hole- I wasted every dollar I made there on alcohol, coke, pot, guns, guitars, and ammo, probably in that order.

Obviously, you were one of the latter people.

At least the guns, guitars, and ammo frequently hold their value decently and can be resold.

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31615544)

Haha :)

That is actually a pretty fair assessment to be honest. For years I had been contemplating doing roughly the same thing that kid did- and oddly enough my plans were either Alaska or far north Canada... I hadn't actually really planned anything, but was just pondering on what it would be like to break free from the typical social restraints. Years later I had come to the conclusion that just because there are social restraints in place doesn't mean they are of necessity 'bad' or purposefully restrictive to keep us from being 'human'.... some of them are just common sense... like, 'Don't venture out into the wilderness unless you are completely certain after years of research and training that you are prepared to do such a thing'... So yeah, when I finally ended up seeing that movie I was like 'Woah! This is what I wanted to do.... This is probably going to end badly.'

you save up all the money you make while you have your looks (or whatever other valuable skill you have), so that when it goes away, you can live comfortably on your savings.

Well, in regards to money, yeah, definitely. But I was approaching it more from the aspect of happiness/purpose of life than I was from the standpoint of financial security. What my point was is that I think so many people go through life doing something that they don't really want to do because they become trapped in it, and that so many peoples happiness/purpose hinges on something that in and of itself might be entirely without enduring substance-- like good looks. But if that is what their happiness and purpose is hinging on (models, actresses, etc), then it can all be taken away so quick-- and then what?

I think that some people are totally fulfilled with just settling down, having kids, making money, etc... and I am not trying to downplay that or in any way mock it- I think that there is absolutely something noble able having a family and providing for it... but for whatever reason I simply cannot picture myself doing that.

Obviously, you were one of the latter people. At least the guns, guitars, and ammo frequently hold their value decently and can be resold.

Yeah. I wasted alot on foolish things. But I think it was all part of figuring out, or of trying to find, happiness and purpose. I used to think that those things would make me happy- but they didn't. I am just glad that I found it out when I did, instead of continuing on in it until it became my trap.

Re:Yeah, it's about the money (1)

Grishnakh (216268) | about 4 years ago | (#31615854)

Personally, freedom and security make me happy. So money is a good means to that end: money will buy you both freedom and security. Making more money, more quickly, allows you to get to the point where having to have a regular paycheck isn't so important, for instance if you own your own house, so you can take a long vacation or do something different if you have enough savings built up. No money = wondering where your next meal will come from.

It's a good thing you saw that movie, but be careful because Sean Penn totally lied in the movie. He didn't die from eating poisoned berries, he died of starvation. He wasn't able to maintain sufficient caloric intake over that long period, and his body wasted away and eventually shut down. There was a good documentary on this. They of course have covered this fact up, because it isn't as noble and dramatic as eating poisoned berries, and just makes the guy look dumb. If you want to "live off the land", Alaska isn't a very good place to do it unless you're really good at killing large animals and storing their meat. That environment doesn't support agriculture very well, so you can't grow your own food, and there isn't much edible food growing naturally. In fact, it's pretty hard to "live off the land", without being a hunter, anywhere unless you start your own little farm.

Re:Yeah, it's about the money (1)

corruptblitz (1486729) | about 4 years ago | (#31617568)

What if today, through some horrible mishap, I lost both of my arms?

I think it's "Live Each Day as if it Were Your Last", not "Live Each Day as if You Will Lose Both Your Arms in a Horrible Accident Tomorrow".

Re:Yeah, it's about the money (1)

element-o.p. (939033) | about 4 years ago | (#31614626)

Let me see if I understand what you are saying. Because you achieved a measure of success (and to be honest, $50K per year doesn't sound overly generous to me, but maybe some of this is location -- the cost of living in Alaska is rather high) due to some combination of hard work, natural talent and good timing, you felt guilty because you were making more money than people twice your age who were doing more *physical* work than you were. With all due respect, I think you were missing a couple of very important factors.

You may not have paid your dues in school, since you were expelled in 8th grade, but somehow I doubt you immediately jumped from 8th grade to IT manager. To get that position without the benefit of a GED, you obviously spent some time working hard to learn enough about IT to convince your employer that you were qualified to do the job. I *did* graduate from high school, I busted my butt to get my four year degree (in considerably more time than four years, but I digress) and I still poured a lot of time effort and money into studying system administration before I got my break in IT. If you landed a cush position without the educational credentials I earned, then (barring nepotism), you either were naturally gifted or were a very hard worker and most likely, you were some combination of the two. That means you possessed at least two qualities that are in short supply: talent and determination. If those qualities are in short supply, employers will pay well for people who possess them -- that's just econ 101.

Second, I think you are devaluing the work you did. It may not have taken a lot of physical effort, but mental effort is every bit as taxing. Leadership, vision, responsibility, and the ability to set a goal and take steps to achieve it are most certainly "work." To say that the other people working at the resort with you who were providing physical labor were more "worthy" than you, is almost certainly false (unless you spent 40 hours a week posting on /. and playing spider solitaire <grin>). As an IT manager, your decisions directly affected the business's bottom line, and therefore, if you screwed up, there was a really good chance that you would have lost your job. For example, a gardener probably won't get fired for planting a gardenia in the wrong location, but if you type "rm -Rf ./" on the wrong console window...well, you get the idea. Risk and pay are often directly proportional.

I disagree that IT work is not "hard, honest labor." Again, not all work is physical. You said it yourself: "What I am trying to say is that people making millions of dollars for contributing so little to society are doing a massive disservice to themselves in the long run." I agree. I don't think, however, that you contributed little to society (or to your employer). There is a great deal of responsibility in IT, and a lot of mental effort required to create innovative solutions to real-world business problems. Where I work, we created a revolutionary network in one of the most remote parts of the U.S. Our work brings telemedicine, distance education and a boat-load of other real-world benefits to people who have traditionally been very, very isolated. I see that as a huge contribution to at least a portion of society. I may have a lot of free time at work some days, but I have also put in extremely long hours or canceled weekend plans with my family on other days when something was broken. It all evens out in the wash.

Finally, if other people -- be they other managers, or the people they manage -- are sniping at you for the job you do, then either 1) they are insecure that a young guy like yourself is doing such a good job (BTDT), or 2) they are jealous of the success that your hard work and natural talent have brought you. In either case, it's not your problem. It's theirs and there is no reason for you to take on the burden of their issues. Are you doing the best job you can? Is your boss happy with the job you are doing? If so, then what others think is irrelevant. It might be worth quitting such a job just because it's an unpleasant environment to be in, but don't come into agreement with them just because they are old(er) and bitter.

In any case, you have to do what you think is right, and I don't mean to second guess your decision. I just think maybe you were being unnecessarily harsh on yourself and discounting the very real services that you provided. For what it's worth, while I earn my living in IT, I also have a part time job as a youth pastor, and that's the job that I enjoy the most, for many of the reasons you mention above. Given a choice of building networks so people can surf pr0n (okay, and provide distance education and telemedicine, too) or healing people's broken hearts, I'd rather heal people's broken hearts :) That is a far greater benefit to society, IMHO.

Re:Yeah, it's about the money (0)

Anonymous Coward | about 4 years ago | (#31616834)

I feel pretty much the same way about it today as when I made the decision initially. I find it difficult to explain but, I don't think that I felt guilty, per say, that my knowledge was exempting me from hard physical labor and simultaneously providing me with more earnings than those around me--- but I did feel guilty in that I believed (and still believe) that if I were to continue in it, that it would potentially hinder me from the emotional growth that I needed. For example, many of the other people in management there would be insulting towards the 'hourly' non-salaried staff. For example if we were walking around the property and they saw someone up at the top of a palm tree cutting off pieces, cleaning it up, they'd make some sort of rude comment about how the person should have stayed in school, etc... I'd see them up there and think, 'Dude, that's someones dad. What brings people to the point of finding pleasure in feeling better than someone else?'. I remember being in my teens and hearing people insult fast food workers, and I would think, 'Why? There is honor in serving people food.'... but when the days came that I'd have to tell myself, in my own head, 'You're no better than him', when walking across the property, it began to freak me out.

Since I had been working at computer shops since about the age of 14, computer related stuff just came naturally to me. I was more than fascinated with computers. My first was a packard bell 486 and I was the happiest kid on the planet. The point that I am getting at is that I didn't really have to struggle for the knowledge- I didn't have to work hard to earn the money to go to a college to learn any of it, I just picked it up as I went along by trial and error. It did require considerable effort but the effort was always enjoyable, I really think the only times that I didn't enjoy the experience was when I worked for numerous small mom and pop computer stores that wanted me to rip customers off or lie to them (which is why I ultimately ended up just freelancing solo, so that I wouldn't be forced to lie to anyone for my paycheck).

It is very true what you say, that, while I wasn't exerting myself physically day in and day out, I was certainly being taxed mentally, juggling numerous operations at once, meeting deadlines, beating budgets, etc. It wasn't 'easy' as in, without effort, but it also wasn't refining my character in any positive way at all. My studies of the Bible were at a total standstill. I hadn't picked it up in months. Ultimately the thing that was searing my conscience was the thought of--- how would I fare in the day I was confined to my deathbed? Would I honestly be able to exclaim with a guilt free heart that 'My life meant something- I beat budgets for x corporation!'. No way. I wasn't doing anything for the benefit of anyone but myself, and more than that, I was destroying my own life while helping others do the same.

Looking back on the whole situation I can see the providence of God in it. The whole reason I was there in the first place was that I had moved across the country to get away from my lifestyle of wreckless abandon in partying and drugs- I moved in with my grandparents and the closest place to their home was the resort. Without a doubt God put the job in my hands, there was no reason that someone with zero credentials like myself should have been able to get the job in the first place- and I really thought that it would make me happy- that proving my skills on the corporate level would bring me satisfaction, that the money and respect would fill the void in my life, but it didn't.

Life is wild. Now, I am volunteering doing computer stuff at a small rural Bible college and academy. Noone would have been able to convince me 5 years ago that I would be doing this today. How much more impossible would it have been to convince me that I would be happy doing it.

Re:Yeah, it's about the money (1)

Bigbutt (65939) | about 4 years ago | (#31613542)

Well, considering most folks don't really work for IBM (most are contractors subject to dismissal at a moment's notice), I'd go with Basketball.


Re:Yeah, it's about the money (3, Funny)

chill (34294) | about 4 years ago | (#31613726)

Compare apples to apples. Here is an oldie, but a goodie:

Michael Jordan having 'retired,' with $40 million in
endorsements, makes $178,100 a day, working or not.

If he sleeps 7 hours a night, he makes $52,000 every
night while visions of sugarplums dance in his head.

If he goes to see a movie, it'll cost him $7.00, but
he'll make $18,550 while he's there.

If he decides to have a 5-minute egg, he'll make
$618 while boiling it.

He makes $7,415/hour more than minimum wage.

If he wanted to save up for a new Acura NSX
($90,000) it would take him a whole 12 hours.

If someone were to hand him his salary and
endorsement money, they would have to do it
at the rate of $2.00 every second.

He'll probably pay around $200 for a nice round
of golf, but will be reimbursed $33,390 for
that round.

He'll make about $19.60 while watching the 100- meter dash in the
Olympics, and about $15,600 during the Boston Marathon .

This year, he'll make more than twice as much
as all U.S. past Presidents for all of their
terms combined.

Amazing isn't it?

If Jordan saves 100% of his income for the next
500 years, he'll still have less than Bill Gates has
at this very moment.

Game over. Nerd wins .....

* * *

Now compare your average mid-level technical employee vs the jock who majored in sports and see what is what.

Re:Yeah, it's about the money (1)

timeOday (582209) | about 4 years ago | (#31613746)

I don't believe the starting salary at IBM for a technical position could be only about $50K, is it?

That's what it was 11 years ago when I interviewed there.

Don't worry! (1)

brennz (715237) | about 4 years ago | (#31612402)

If the universities fail to produce enough security experts, ISC2 [isc2.org] is happy to convert your tech support guy into a CISSP for the low rate of $600, and $200 a year thereafter! If you order now, you can also get a CAP certification along with a free toaster.

Universities aren't taking it seriously either (3, Informative)

Admodieus (918728) | about 4 years ago | (#31612478)

At my current university, there are two undergraduate networking courses and one undergraduate security course. There's one network course in the graduate curriculum, but that's meant as a recap of the two undergrad ones if you didn't get your undergrad here. I would love to load up on network and security classes, but there's simply none being offered.

Re:Universities aren't taking it seriously either (0)

Anonymous Coward | about 4 years ago | (#31613318)

I went back to school after 14 years and was surprised to see the local community college running an Information Assurance program headed up by a former member of the US Special Forces. Some schools are taking it seriously.

Re:Universities aren't taking it seriously either (1)

chill (34294) | about 4 years ago | (#31614104)

And there lies the biggest problem. The majority of people have been so brainwashed to think college and university education is the answer, they don't know where else to look much less how to learn. It is not just you, it is also some of the idiots doing the hiring.

I'll let you in on a little secret. In the IT world and especially security, experience counts for much, much more than any degree. Degrees get you past HR bots and substitute for experience only in kids coming right out of college who ONLY went to college.

Screw the college courses. Take some SANS courses, get your CISSP and possibly GIAC certifications. Pick a specialty and LEARN it. I don't mean regurgitate answers to the CISSP exam, actually GROK a subject. If you're interested in NETWORK security, know TCP/IP inside out, understand BGP, grasp the basics of Cisco IOS, speak Nessus, Wireshark and Snort like second languages.

When interviewing people for jobs like these, I'm interested in what you KNOW not what classes you took.

Re:Universities aren't taking it seriously either (1)

pnutjam (523990) | about 4 years ago | (#31615086)

Yeah, but you better have that bachelor's degree too. I have an AS, with 10 years of experience. I am very good and very dedicated.

However, many if not most organizations around here (midwest) will not even interview someone without a bachelor's degree.

I tend toward IT in non IT companies.

Re:Universities aren't taking it seriously either (1)

chill (34294) | about 4 years ago | (#31616340)

Yeah, you have to backdoor the system. "It isn't what you know, it is who you know." The Bachelors gets you past the know-nothing HR screening person. You need to find another way to do that. Join a couple industry trade groups, like AITP and network your ass off.

Me == AA degree, 20 years XP, currently working my ass of on 2 $100K+ jobs, 1st and 3rd shift.

Re:Universities aren't taking it seriously either (2, Insightful)

centuren (106470) | about 4 years ago | (#31614454)

At my current university, there are two undergraduate networking courses and one undergraduate security course. There's one network course in the graduate curriculum, but that's meant as a recap of the two undergrad ones if you didn't get your undergrad here. I would love to load up on network and security classes, but there's simply none being offered.

I don't really feel that having a lot more is appropriate. I'd rather see people with degrees in Computer Science go into network security then see people graduate with a specialty in Network Security. When I think "Cyber Security Expert" I think of someone who, say, writes custom kernel patches, works in the field of cryptography, or writes packet-level intrusion detection tools. These are all security things, but they don't need security courses given in university to match them. Knowing how to patch a system to be more secure is a result of knowing how those systems work on that base level. Cryptography means studying lots of math. Communication and authentication handlers is again, understanding how it's handled in the OS.

The problem with network security courses at school, is they either have to be offered late in your program, or be largely superficial. If you're interested in the field, I'd talk to some people in the industry (I hear the government is recruiting), and ask what you should be studying. Recruiters, specifically, as they'll be able to say what they look for in a graduate's skill set.

Re:Universities aren't taking it seriously either (1)

element-o.p. (939033) | about 4 years ago | (#31615296)

They actually offered a "computer security" course at the University from which I earned my Bachelor's Degree. Unfortunately, the "computer security" course they offered was a monumental waste of time. We spent almost the entire semester learning about encryption algorithms (RSA, DSA, etc.) and coding these algorithms. While it certainly is important to understand encryption, there is a *lot* more to computer security than being able to implement an RSA encryption algorithm.

Sports = Big bucks... for the school (1, Insightful)

Anonymous Coward | about 4 years ago | (#31612508)

Unless the US government is planning on becoming a university booster, then I would expect that sports programs will continue to get the scholarships. He is right, they are playing for money... college sports is big bucks for the school.

Re:Sports = Big bucks... for the school (1)

dferrantino (1630629) | about 4 years ago | (#31614294)

This, this, a million times this. The schools aren't going to offer cybersecurity scholarships unless they can make that money back somehow. If the DoHS wants more cybersecurity experts, they're going to have to provide those massive scholarships themselves.

It's hard to learn (5, Insightful)

Anonymous Coward | about 4 years ago | (#31612556)

when the government and industry decide to move away from making systems and software increasingly more secure and instead focus on draconian laws with punitive sentences that start at a decade for benign acts regardless of intent or whether you informed the target of their weakness and how to correct it.

Security through sentencing.

Re:It's hard to learn (0)

Anonymous Coward | about 4 years ago | (#31614446)

Yes, if you ban guns only criminals will own guns.

Re:It's hard to learn (1)

element-o.p. (939033) | about 4 years ago | (#31615424)

Meh...hacking into other peoples' systems without prior permission is kind of a big deal, in my opinion. However, I have always thought it would be fun to have some kind of cracking LAN party. Bring your laptop (or whatever), with the understanding that others at the party *will* be trying to break into it. Last one owned wins. Then when it's all over, everyone tells everyone else what they did to break into the box and what the owner of the box could have done to make it more secure. When you're done, you burn the box to the ground and rebuild it from scratch, just to be sure.

You gain valuable knowledge about securing your own systems and about exploiting other systems. You get the fun of cracking and the benefits of "lessons learned" without the legal risk of unauthorized cracking or the expense of recovering from a security breach on a production system.

Re:It's hard to learn (0)

Anonymous Coward | about 4 years ago | (#31619080)

Cyber Security experts aren't just "keeping people from hacking". Cyber security is another word for cyber surveillance. Why else do you think Homeland Security is behind it? Ultimately it's about spying on and intimidating political activists, trying to keep them from using the internet. Have you been watching the corporate news? According to them, there are throngs of "anti-government extremists" just chomping at the bit to commit acts of violence (yeah. right.), and if only DHS could monitor every single person in the country, we'll be safe. They take one isolated incodent and say: "See? See? One person comitted an act of violence! The world is going to end! The turrists are everywhere! End freedom immediately!"

Can someone tell me why we need a bunch of military people being payed to spy on civilians? Makes Bush's illegal wiretaps look like a walk in the park. I guess "the turrists" won, didn't they?

Change; hardly.

I wonder if Sealand is still for sale . . .

In the meantime .... (1)

artgeeq (969931) | about 4 years ago | (#31612720)

How are cybersecurity experts really trained? In universities? Private industry is on the cutting edge of computing, not academia.

So, what about private industry? Would anyone really want their son, daughter, nephew or niece to to go into any field that would prepare them to be cybersecurity experts? Outside of jobs that require security clearances, it seems that there is a pretty good chance of getting offshored or at least oursourced. Who wants that kind of job security?

Funny, despite all the comments universities, when earning an "advanced" degree in computer science (where many of the students could not program their way out of a wet paper bag), the US government gave me no tax breaks whatsoever with the hefty tuition. In my case, I did not overly care, but in general, the incentives for earning academic credentials in computer science seem somewhat limited.

Cyber Corps (1, Informative)

Anonymous Coward | about 4 years ago | (#31612930)

The Gov has had this program going for over 10 years:
"The Federal Cyber Corps Program
The Cyber Corps Program is open to students currently completing their junior year of undergraduate school or first-year of graduate school. In addition to a stipend of approximately $1,000 per month, the Program pays for each student's tuition for two years, room and board, and travel to conferences.

After one year of training, students complete a summer internship in a federal agency, learning first-hand about computer security issues and putting into practice what they've learned in class. By the end of the second year students earn an undergraduate or graduate degree in computer science in addition to multiple federal-level computer security certificates as endorsed by the Committee on National Security Systems (CNSS)."


The government isn't hiring them (1)

99BottlesOfBeerInMyF (813746) | about 4 years ago | (#31613002)

There are lots of people out there interested in cyber security. "Hackers" are in all the movies and are kind of cool. But the ability to become a legitimate security expert is limited, partly because the government which hires tons of people to perform physical investigations and fire guns, has failed to keep up with the times. Look at the military, for example. If you want to be a well paid cyber security expert, or even an important one, you basically have to go into the private sector. You're sure never getting promoted within the ranks of the armed forces, or even well paid so why deal with being constantly undervalued? And their focus is completely wrong. First unlike the private sector they care about how physically fit you are much more than about how competent you are. Second, they care a lot more about credentials and conformity than the industry does. Computer, especially computer security is a young field. I've worked with lots of network security experts that had a PhD and wore a suit, but I've worked with just as many that had no degree (or a degree in jazz) and wore lewd t-shirts or dressed like The Cure. Industry considers this latter category to be a huge asset and even makes sure to show them off to clients; we have those quirky genius types on staff. The government just writes them off as not real experts because they didn't give up a $100k job doing real security to go back and get a degree they don't need.

And frankly, while the industry has respect for the NSA, it has pretty much written off the rest of the government as a lost cause when it comes to security. They're too firmly in the pockets of corporate interests, useless contractors, and bureaucratic nonsense. How many competent security experts have refused or quit working for homeland defense saying it was impossible to do the job given the resources and idiotic policies?

Seriously, if the government does not think there are enough experts, start handing out scholarships and setting up internships. The NSA already does so. Better yet, start hiring security people with actual authority and discretion, like experts in some other fields have. Put security experts in charge of hiring, retaining, promoting, and running security, instead of being beholden to superiors who want to run them like they do the motor pool.

DHS already has a scholarship program, but (0)

Anonymous Coward | about 4 years ago | (#31613036)

DHS has a small scholarship/fellowship program (http://www.orau.gov/dhsed/), but the fellowship program is on hold this year (http://www.orau.gov/dhsed/2010pages/fellowship.html).... Now the DHS cybersecurity guy is complaining and saying "more scholarship money!". Go figure.

Universities lag behind the technology (1)

r7 (409657) | about 4 years ago | (#31613058)

Universities are lagging not just in security tech but systems tech in general, and systems administration in particular. Network engineering training programs do a a much better job, and software engineering programs do a fair job addressing security. The missing component is systems administration.

Security is only as good as its weakest link. If you are focused on communications, or focused on code, and ignore the larger picture (i.e., systems) vulnerabilities will be inevitable.

Another problem is financial. Bean counters and stock holders are focused on the short term whereas security requires a long-term perspective. Because new features can be implemented quickly, without taking time to implement security (see any Microsoft OS for the most obvious examples) they often are. Only high-level input from systems analysts (i.e., senior systems administrators) can address this/ This is also why a lot of applications are coded in scripting languages like PHP and Perl which don't provide for strong compile-time code checking or have good run-time security profiles.

When universities have Unix/Linux Systems Administration degree programs we will see better computer and communications security, especially if those programs are run by experienced sysadmins (as opposed to PhDs or career academics). When systems administion graduates have a seat at table alongside project managers, software engineers, requirements analysts, hr and accounting you will see better security.

Until then it will continue to be the same ol' same ol', with lots of activity in Bugtraq and CERT, and lots of time wasted on software upgrades.

Athletic scholarships (0)

Anonymous Coward | about 4 years ago | (#31613102)

At my university athletic scholarships are funded in part by dedicated donors only interested in athletic programs ("No, I won't give anything to the university as a whole, but I will buy red turf for the football field." Really.) And much of the shortfall is made up by student "activity fees" about half of which goes straight to the athletic department and a big chunk of that to scholarships.

That's not the problem (1)

Judinous (1093945) | about 4 years ago | (#31613140)

There are plenty of people graduating with computer security degrees these days; I'm one of them. There are quite a few programs already offered by various colleges to attract more security students to their program. RIT, for example, offers what essentially amounts to a free ride for anyone who is willing to work for the NSA after they get out. I live in Texas, so I know from personal experience that Texas A&M, UTSA, and a plethora of smaller universities and community colleges are cranking out security graduates non-stop. The CCDC (Collegiate Cyber Defense Competition) is a pretty big deal in this area.

The real problem is that very few 20-somethings in this field want to work for the government, let alone the DHS of all places. Anyone who is coming out with a security degree is obviously going to be active on the internet every day, and I shouldn't have to explain the general feeling towards government cyber-security practices among the internet crowd on Slashdot, of all places. Even here in south Texas, where you'd expect the most support for agencies such as the DHS, I've never met a security major that is at all interested in working for the government, despite what essentially amounts to begging and pleading to take a job there. I know that I probably couldn't look myself in the mirror every day if I worked for the DHS or NSA as a security expert. Protecting our nation's computer infrastructure is one thing, but there is no one in the field who believes that's actually all that our government does with its security staff.

Mod up! (0)

Anonymous Coward | about 4 years ago | (#31613328)

Extremely well said.

Re:That's not the problem (0)

Anonymous Coward | about 4 years ago | (#31613372)

Boy, that's a long winded way to say that you don't want to take the drug test.

Define the job first (1)

ErichTheRed (39327) | about 4 years ago | (#31613278)

One problem with IT in general, and especially its little niche subfields, is the lack of formal training. Skilled trades get apprenticeships to teach newbies the ropes on the job. Professions like medicine, pharmacy, engineering, etc. have standard accredited training and licensure requirements.

We have none of that. The field is still so wild-westy that vendors largely control training and education. Universities provide grads a CS or a "vocational" IT degree, but it's all theory. Lots of us didn't even go to school. I'm a science guy by education, and wound up here. Other people I know were educated in something not even close to IT. Still others took the "Get Certified and Make $100K In 10 Days!!!!" training courses.

When a software developer or IT guy gets out in the real world, the education side of things is usually left up to vendors, who are desperately trying to push their latest product. It takes a new guy a long time to realize that (a) VendorX doesn't have a completel lock on FieldY, and (b) VendorX is trotting out the exact same thing as 10 years ago, this time with an improved support structure. (Example: VDI is "OMG -drool- brand new hot technology" but VMs have been around in the mainframe world for eons, and thin clients have been...OK...for years. The difference now is that bandwidth is cheap and fast, which it wasn't 10 years ago.)

So what do the Feds want as "cybersecurity experts?" Are they thinking of capturing virus writers and forcing them to work for us? Are they thinking the guy installing Symantec Antivirus from vendor instructions is an expert? And what could universities possibly do about it? Courses like "CYS 425 - Introduction to SQL Injection Attacks?" In my mind, anyone who really belongs in the "IT profession" should be grounded so well in the fundamentals that they can be crafty enough to find security flaws in their own software. If they're systems guys (like me,) they should be smart enough to test vendor assertions.

Instead of just giving scholarships for CS degrees, I think the profession should rally around making sure everyone is qualified for an IT job at the level they're working at. And I think that some of this needs to be general enough to transcend vendors. Someone should know "operating systems" instead of "Windows" or "Linux". it shouldn't be an absolute culture shock to take a person working in a Windows environmnent and put them in front of RHEL with a small amount of introduction. How many of you guys work in Windows-centric place that has one Linux box everyone is afraid to touch? THAT'S what we have to fix!

Richard Marshall is a lawyer (2, Insightful)

Animats (122034) | about 4 years ago | (#31613302)

Of course people aren't going into this field. Look who's in charge.

This Richard Marshall, "Director of Global Cyber Security Management, Departent (sic) of Homeland Security", is a lawyer. From LinkedIn, his undergraduate degree, from The Citadel, is in history, English & political science. He then went to Creighton and Georgetown University law schools.

The last person in that job who knew what he was doing was Amit Yoran [wikipedia.org] , who had a computer science degree. He kept saying that Microsoft operating systems were the big problem, and was sidelined for that. He was replaced by Cisco's lobbyist.

What we have now is a lawyer making policy recommendations that effectively mean doing nothing. That's "Homeland Security".

Barriers (1)

The Aethereal (1160051) | about 4 years ago | (#31613806)

If we don't have enough cybersecurity experts, why are we passing a law requiring licensing, which will only bar more people from the field?

Its not in the culture (0)

Anonymous Coward | about 4 years ago | (#31614154)

In the American culture, its the norm to take someone who was born at the right time of the year (for hockey thats January, Febuary or March, for Baseball thats August or September), realise that these kids "are so much bigger than other kids in their grade"...because they are, they were born at the right time of year, give them more playing time and encourage them to play, give them better coaching and better equipment and the next year its the same (still bigger than a kid 10 or 11 months younger than they are) and give them more opportunities, then give them scholorships to go to college, and then pay them crazy amounts of money on the job. In computers, people pay their way the whole way, they may get labelled 'geek' in school (and not in any kind of good way), they encourage those in sports to attack them at school and bully them 'to help with the sports players self image'. Then the 'geeks' finish school, they take on manual labor jobs to pay for higher education. They are berated because they are not as fast nor as strong as the 'athletic' employees. They persevere, go to college, put out 50 resumes to get 1 call back working in something still menial 'clean the computer' vacuum the dust out of them, etc. But hey its a start. They can then start paying off the student loans for college (loans plus interest). After graduating from computer janitor to actually doing something to affect the operation of the computer, they can expect to be berated by staff for the staff members mistakes, and be paid accordingly. Who wouldn't want to jump in and be an overworked, underpaid, unappreciated security guy, who can be blamed for 'ruining the company'? And after 'saving the company' be told 'if you had done your job in the first place we wouldn't have to pay you overtime, so we won't'. I can see guys lining up for this. Ready and waiting to be quizzed "Do you save security 2.10A with extra extension.?" Those without the extra extension need not apply! And the latest software upgrades (the ones that came out last week), you should have 5 years experience with them!

I'm pretty sure... (3, Informative)

Blue6 (975702) | about 4 years ago | (#31614774)

Most of these stories are puff pieces done for or due to the FUD big consulting companies like CSC, Lockheed, Northup put out to the Bureaucrats in order to keep billing rates high. I have over 10 years of networking experience and a MS in Info Sec from a DHS sponsored school. I have applied multiple times to various positions and have never received a response back.

Define Cyber Security (1)

mordred99 (895063) | about 4 years ago | (#31615716)

You have to define Cyber Security. Do you mean Code Hacking, Network Sniffing, Biometric Algorithm Creation, new Theoretical Application Creation, Compliance Program Expert, Firewall Manager, etc. Each different job requires a different skill set. If you want someone that can do all of these, then you have to pay the proper salary for that person, wait 10 years after they graduate so they have the skills to do each of those jobs, etc. Currently the Cyber jobs I look for want all of those things, plus 10 years experience, when the fields have only existed for a few years. Define Cyber Security - and then define what you are willing to compensate and define the requirements then you will be able to make broad statements about enough people in the field to fill a job requirement.

Age Issues (1)

sjanich (431789) | about 4 years ago | (#31615902)

DHS has lots of Cybersecurity job postings.

Here's the catch:

If you have spent the last 20years of your post-college professional IT life working in different combinations over time of systems administrator, network engineer, IT project manager, programmer on security, security-ish, and non-security projects and day-to-day IT work, then the you - the 40+ year old - are deemed to be to fucking old to take a new job at DHS/USGOV as as an IT Security Specialist.

So, that cuts the pool of those available to USGOV by 40-60%.

USA: Defenseless, Weak, and Exploitable (0)

Anonymous Coward | about 4 years ago | (#31616752)

For months now, I have seen a campaign in the press to present the USA as defenseless, weak, and exploitable as far as our networking infrastructure goes. We are in a crisis of not enough experts to secure our networks. The demand is for huge sums to be given to education (including certifying apparently the entire Pentagon staff with that worthless CEH junk) in the hopes that some day, we can catch up. For now, we're wide open. So, badniks, here we are, caught off-guard by the security crisis. Please attack us! Show us who you are and where you come from and what areas of our network interest you. Hurry, this crisis won't last forever. (A real military analogy of what's going on is counter-sniper fire. A soldier pokes his helmet up over the parapet of his trench, while another solider notes where the sniper is firing from.)

why not use the hackers in jail to work for gov so (1)

Joe The Dragon (967727) | about 4 years ago | (#31617584)

why not use the hackers in jail to work for gov so they can help us and not just take up lockup space?

Looking in the wrong places (1)

rhythmx (744978) | about 4 years ago | (#31619240)

About 20% of the best people I know employed as Security Researchers did not even graduate high school, including myself. I see this trending downward as more and more schools now have something of a security curriculum, but its still very much an industry of self-motivated voodoo programming. Universities have always been decent at training operational security people (configuring/monitoring security appliances and policy issues), but I've yet to hear of a school with a good program on vulnerability discovery, exploitation, and reverse engineering code. For me, at least, its much more of a mindset thing more than a skillset thing, which is a lot harder to teach.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account