Chris Wysopal on Nostr: As long as cybersecurity is treated as a criminal issue instead of a safety issue we ...
As long as cybersecurity is treated as a criminal issue instead of a safety issue we will continue to see cybersecurity as an elective for computer science students. As a computer & systems engineering student I was required to take a couple of mechanical engineering courses. One of the courses opened up on the first day with a video of the Tacoma Narrows bridge collapse due to high wind. I would love to see a first computer science class open up with a command injection attack compromising a web server and then follow through with lessons about building systems safely.
I have hope with the Secure by Design language being used that professors and students start to see systems vulnerable to attack as engineering failures and not just simply the way things need to be to innovate. Without secure software engineering the result is outsized risk that must be mitigated in a variety of expensive and ultimately ineffective ways.
We can't control bad actors just like we can't control the wind. Design and build software with this in mind.
Published at 2024-01-26 15:04:15
Event JSON
{
"id": "9824d1d2e485d2dcf9fa3a23c6f301ec89079faed83f66c17193716b065b44e4",
"pubkey": "33274dccaa9d0310b4b6c4fb928487997c9c06afc5e3dba8c402786cf453bd64",
"created_at": 1706281455,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/Weld/statuses/111822861479786754",
"activitypub"
]
],
"content": "As long as cybersecurity is treated as a criminal issue instead of a safety issue we will continue to see cybersecurity as an elective for computer science students. As a computer \u0026 systems engineering student I was required to take a couple of mechanical engineering courses. One of the courses opened up on the first day with a video of the Tacoma Narrows bridge collapse due to high wind. I would love to see a first computer science class open up with a command injection attack compromising a web server and then follow through with lessons about building systems safely.\n\nI have hope with the Secure by Design language being used that professors and students start to see systems vulnerable to attack as engineering failures and not just simply the way things need to be to innovate. Without secure software engineering the result is outsized risk that must be mitigated in a variety of expensive and ultimately ineffective ways.\n\nWe can't control bad actors just like can't control the wind. Design and build software with this in mind.",
"sig": "5581927d98bf223e8800c1cf2629d047b223794a4319c1731c63bd685ac160c8edb6e9faef00b656d620c8c1d242e8bfd106f36e0d9d2d05fa71a9eaa7806eae"
}