We continue series of interviews with Kaspersky Lab experts enquiring their opinion regarding cyber-security industry and related threats. Here, Vutaly Kamluk, Principal Security Researcher, Global Research & Analysis Team
1.What would you say is the main reason for students to study information security?
We live in very interesting times: with the help of our global networks humankind has transformed itself from a group of individual organisms into one huge organism. Our actions, thoughts and decisions can instantly affect people on the other sides that maintain our current evolutionary condition.
But the vulnerabilities of our technologies, coupled with the abundance of digital devices connected to the Internet, open up a full range of possibilities to use this progress against us. A beneficial technology can become a weapon. Who will protect us and our relatives if not ourselves? Maybe you will avert a global manmade disaster, or maybe your knowledge will keep the good and evil powers on the Internet in harmony.
2.How do educational institutions keep up with the IT sector?
IT develops at such a rate that surely it’s difficult to give students materials that are still relevant. Educational institutions help students to understand science for themselves. The knowledge you get at universities will more likely be outdated by the time you graduate. But if you know how to learn, you will adapt to the new challenges and technologies. Learn how to learn as you follow your different disciplines at university. If you manage it, you can manage anything.
The number of cybercriminals increases every day. And the numbers will continue to increase until the day when everyone on Earth is connected to the Internet. IT experts will be needed for a long time. Besides, the IT field is a sphere with a huge opportunities to master your skills.
4.Is a good knowledge of mathematics and programming essential for a student interested in studying information security?
Specific technological skills can be very useful, but it’s more important to build an understanding of technology in an abstract sense. I suppose pure math is the pinnacle of abstraction, so mathematical skills contribute a great deal to our understanding of high technologies.
5.Are there any cyber-threats that specifically target students and educational institutions?
Of course there are. Sometimes these threats are designed by the students themselves. But in serious research projects, most of the threats are designed by experts. Finding and stopping an attacker is not only an academic task, it’s something that is needed in real life, a test of competency and survival skills.
6.Which course would be most suitable for students – not just those specializing in information security – who want to learn about information security? What would need to be included in such a course?
It’s a course that explains the weaknesses of human nature, the vulnerabilities of human psychology. It looks into imperfect constructions and poor decision-making in the sphere of IT security. IT security has so much in common with security in real life. If we learn to recognize the imperfect constructions that give the scammers and fraudsters opportunities to exploit people in real life, we can learn to use this knowledge in the IT sphere.
7.Have you noticed a shift towards consumerism in IT education where students (with the exception of specialist faculties) are learning to use applications, but not learning to program and understand the technology?
I don’t work in an academic field, so it’s hard for me to assess this trend in the educational sphere. I know that some teachers merely teach their students to push the right buttons in the right order. This is a huge mistake, which only the student can correct. The student must ask the big question: “How does it work?”
Then, if the teacher can’t explain it, students should seek the answer themselves until they find it. The buttons and the tools are no match to the understanding of the human that controls them. If you understand how it works, you can manage any program, and, if necessary, even write your own. That’s what everybody should strive for, regardless of any popular trends in education.