Painpi!! 1206 Computer Security Ethics

CISSP on February 17th, 2012 No Comments

This is the Security “The Pain Pill” because only a few of us take vitamins.

Every week I talk about a security topic in simple terms to reduce our security load, increase our efficiency, and make our security work better. There is a free class on the topic so you can have a deep dive. If you need continuing education credits, this counts.

If you would like to learn about Physical Security in our live class Friday, February 15, 2012 at 12:30 Central time, wait till class and type your name here

This post with the video is here
Ethics in Computer Security

I created the first MCSE at night program in the days of NT4. My first three groups of  students became hard-core networking engineers. They had the background. They worked hard at becoming experts. I am proud to say that two students out of my first 45 received 2 perfect scores. 1000 on a Microsoft exam is hard work, skill and a little luck. This was when there were only 5,000 MCSEs in the world.

I thought: WOW Great students! Great teaching! Great learning!

The company did a monthly meet-and-greet session, where prospective students were brought into live class and then we had a reception.

The first thing I did BEFORE the students signed up was give them an aptitude test. I thought, if you are not going to make it, save your money. This was NOT going to be that late night commercial for earn-big-money-no-experience-necessary. Boy was I wrong!

These meet and greets started getting big. Sales people were doing them every week. We were starting a class every other week. We were rockin!

Six months later: no one was coming to lab days, but people were still passing. I knew these people could not network their way out of wet bag. I would ask a question… nothing… Deer-in-headlights-look. A few weeks later, they would pass the test all the same.

Then I saw something that cut me to the core. These new students were cheating using brain dumps. What kind of honor did they have? What did this say about us?

Well everyone else is doing it, Why not them?

I went back to the salespeople and the president of the company and asked what was going on. Their reply: it is their problem, not ours. If they give us the money, you teach them as best you can and if they choose to cheat, that is on them.

This was crap! I wanted to help make great network engineers.

As you all may know, this was happening everywhere. Students would take the test and tell the everyone else what was on it. Paid brain dump websites started to become the norm. It was a late-night-get-rich-quick scam. Salespeople were making money. Students were passing. If you had an MCSE on your resume, you got a job. What about ethics? What about Honor?

At first I looked the other way. But letting cheating in any capacity continue when you know about it is wrong. It started to eat at me, like a rat and some stinky cheese.

When we went to build our own business, we chose certifications where cheating would be punished severely. Today, with the CISSP, if you get caught cheating,you are out. If any of the real exam questions show up in those brain dump sites, we all turn it over to isc2′s legal council and the site gets ripped down fast. If I see it, I stop it.

What impact does cheating have on the regular business?

It depresses salaries and inflates job requirements. All these exams are a minimum competency. The experience and the difficulty in amassing the knowledge to pass the exam tells the interviewer that you can do the job at a certain level. If we cheat or let others cheat we dilute the the value of the job we do and eventually we become less valued. Now it takes even more certifications to get the job. The position that once paid X now pays 1/2 of x.

I say we can all be much better than the exam we take. I hope my students like it when I push them to do more, not less. Then when they take over the security of  an organization people, will feel secure and be secure.

We are going to talk about ethics on Friday at 12:30 Central time. Join us. by clicking the link below.

2012-02-17 12:30:00

http://www.expandingsecurity.com/contact-us/adobe-connect-login?theclassid=3120&company=ES&namex=pp1206&link=http%3A%2F%2Ftraining411.adobeconnect.com%2Ff_45%2F

Or bit.ly/pp1206

No Responses to “Painpi!! 1206 Computer Security Ethics”

Leave a Reply

You must be logged in to post a comment.