We are launching a new series of interviews with Kaspersky Lab experts enquiring their opinion regarding cyber-security industry and related threats. Here, MArco Preuss Director, Europe, Global Research & Analysis Team, Kaspersky Lab. His interests: Malware Intelligence, Mac Malware, Cyber-Underground Research, Protection Technologies, Privacy, Password-security
1)What would you say is the main reason for students to study information security?
We live in the information age. Data is the most valuable these days and in future. Due to evolving technologies, new advantages and challenges protection is a top priority for all of us. Students in this area study as they know it’s not a common task as information security changes every day, offers development for their future jobs and carrier, offer a lot to grow into and gain new expertise.
IT develops at such a rate that surely it’s difficult to give students materials that are still relevant.
For sure this is a challenge. You may find this correct for a lot of areas. You can limit this of course through focusing on specific topic within that area. Further it’s important to give the students an active role, helping them being on top rather than just supplying them with material.
3)Just how long-term do you think the current high demand for information security specialists will be?
It’s of course not easy to predict the future. But for IT-Security I don’t see a drop in this soon. More devices and new technologies are distributed. There need to be experts to take care abouttheir security as with these more and more confidential data is processed and stored.
4) Is a good knowledge of mathematics and programming essential for a student interested in studying information security?
Basic mathematical knowledge is fundamental to understand the principles and gives the set of thinking. Programming is indeed as well important as you will need to automate stuff, create tools for your research or to explore new areas. This may be true to a certain extend for several areas in IT but in Security it’s a must.
5)Are there any cyber-threats that specifically target students and educational institutions?
There are different kinds of cyber-attacks going on. Common cybercriminals are interested on money and therefore don’t care about who’s the victim. When it comes to espionage it’s a different story, as educational/research institutions may own knowledge/data which might be interesting.
6) Which course would be most suitable for students – not just those specializing in information security – who want to learn about information security? What would need to be included in such a course?
This heavily depends on the area of interest within IT-Security. A course on data-analysis would be important as more and more data needs to be processed and intelligence needs to be extracted. This would heavily go into algorithms for processing, handling of large data-sets and of course also visualization to make sense of the raw-data and the output.
7)Have you noticed a shift towards consumerism in IT education where students (with the exception of specialist faculties) are learning to use applications, but not learning to program and understand the technology?
I think you often have this split in complex areas. This differentiates between a good and solid education in order to be or become an expert and the ones just having a paper in the hand at the end. This of course makes it harder when it comes to getting a job, as today with the high demand of experts, a certain level of expertise is required too.