Career Advice Tuesday: Major Problem

November 2, 2010

Dear Lee and Mike,
I am currently in college and need help selecting a major. I am interested in computer information technology but the university offers several paths.  I am leaning to network/system administration and security. What do you think about it? What will be the career path for this B.S. Degree?  I am drawn to the security because I believe this will be one of the most demanding area in securing data and other personal information. Like I said I am now starting, so changes can be easily made if necessary. If possible what will be a realistic starting salary for a B.S. Degree in this field? Your help will be greatly appreciated.
Sincerely,
Current Student.

Current Student (or, CS as we’ll call you),

If you’re thinking about coming to security from a degree perspective, we’re big fans of having as broad a background as possible in information technology beforehand.  Thus, we like your choice of programs: a program that combines system and network administration with security will give you a broad understanding of the architectural and operational concerns with deploying technology while you also gain an understanding of the security concerns of those same systems.

This is one of the problems that we see with a lot of security-specific degree programs – risk management is often an incredibly nuanced discipline, requiring a detailed understanding of the systems in play before one can make detailed risk management decisions.  Nowhere is this issue more obvious than the financial crisis in the USA over the past 5 years.  The issues of managing risk within complex systems like credit default swaps and mortgage-backed securities requires a detailed understanding of all of the technical issues.  And, unfortunately for all of us, those engaged in attempting to manage that risk did so without that understanding.  And it caused massive issues in the way that risk was managed.

Unfortunately, degree programs that don’t provide their students with an effective background in the systemic issues that they’re attempting to risk manage lead to the same problems.   We’ve both seen far too many people who claim expertise in an area of security without an adequate background – for example, someone who claims expertise in secure software development and SDL without an understanding of computer science and software engineering practices.

An education path that provides both will serve you well in the future.

Mike & Lee

P.S. As for “starting salary”, that’s so dependent on your own experience (outside of your degree), your location, the type of company that you work for, etc. that we’re not even going to hazard a guess.

Posted by mmurray | Filed Under Career Advice Tuesday 

Comments

Comments are closed.