Hi Craig.
CW> Although the maths is useful to have and I will never tell
CW> anyone not to study, it is in this case not a part of the answer.
CW> Security is not just about crypto.
Unfortunately in year 2000 I was amazing, that crypto is the Only way
to real security, but now I agree with this opinion.
Only cryptography suppose absolutelly open information about all, but
encryption keys. You can get all - hardware. storage devices, traffic,
files, etc. But you will take NOTHING.
Another security measures is like an additional wall, you can jump
over the wall, you can brake it, and get control on protected system.
Security without cryptography is a kind of superficial glance to
security, only Cryptography is real base for Real security.
Regards
Vladimir
P.S. Sorry if I'm late, i've been out of my home city :-)
CW> Cryptographic tools are but one of many tools in an arsenal.
CW> Further they do nothing for the biggest issue, people.
CW> I am happy to chat about complexity theory and Statistical
CW> methods - but this does not make them more than they are - a tool.
CW> One of many in fact.
CW> Regards
CW> Craig
CW> -----Original Message-----
CW> From: Vladimir B. Kropotov [mailto:slyman2000@Mail.ru]
CW> Sent: 2 February 2006 5:49
CW> To: security-basics@securityfocus.com
CW> Subject: Re: MS in information security
CW> Hi all.
byc>> I noticed that the question of 'CISSP or degree' got a lot of
byc>> feedbacks and comments. I am also considering more education in
byc>> order to enter security field. I already have BS degree from good
byc>> school and working for a IT company working with various
byc>> applications. However, I have always wanted to be a little bit
byc>> more technical and be exposed to more research-like environment.
byc>> Not sure if I want Ph.D., but definitely looking at one of those MS
byc>> in information security. Georgia Tech and several other reputable
byc>> universities offer such program.
CW> In russia we have more than 10 years experience in
CW> Information Security education. The only one Real security - good
CW> and strong cryptography.
CW> Any other things - it's just additional measures.
CW> Long time ago, when i was freshman in the university - i had
CW> to disagree with our Gurus but now 9 years left and I absolutelly
CW> agree with them. So if you wanna be in 'real' security - you must
CW> have good math base - it's not possible to get it in two yaers. I
CW> have 4.5 years of math in university and it isn't enough. I'm
CW> learning math 4 years after graduation, but it isn't enough. I
CW> think 10-12 years of continuous math learning is enough ;-).
CW> If you want became security folk - University is a good start :-)
CW> But the only university degree - is NOT A SILVER BULLET!!!
CW> Good luck
CW> Vladimir B. Kropotov
CW> Bauman university
CW> Moscow
byc>> After working almost 2 years in industry, I know that experience is
byc>> really important and that I can acquire the knowledge myself
byc>> through many sources although I don't go back to school to do it.
byc>> On the other hand, the idea of getting higher or specialized
byc>> education and degree is really appealing. Also, since my current
byc>> work does not have anything to do with security, getting more
byc>> education might offer me a better chance of getting in to security
byc>> field than studying on my own, getting some certs and try to
byc>> convince companies to believe that I know about security.
byc>> Any opinions welcome
byc>> -------------------------------------------------------------------
byc>> -------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
byc>> The Norwich University program offers unparalleled Infosec
byc>> management education and the case study affords you
byc>> unmatched consulting experience.
byc>> Tailor your education to your own professional goals with degree
byc>> customizations including Emergency Management, Business Continuity
byc>> Planning, Computer Emergency Response Teams, and Digital Investigations.
byc>> http://www.msia.norwich.edu/secfocus
byc>> -------------------------------------------------------------------
byc>> --------
CW> --
CW> С уважением,
CW> Vladimir mailto:slyman2000@Mail.ru
CW> ---------------------------------------------------------------------------
CW> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
CW> The Norwich University program offers unparalleled Infosec management
CW> education and the case study affords you unmatched consulting experience.
CW> Tailor your education to your own professional goals with degree
CW> customizations including Emergency Management, Business Continuity Planning,
CW> Computer Emergency Response Teams, and Digital Investigations.
CW> http://www.msia.norwich.edu/secfocus
CW> ---------------------------------------------------------------------------
CW> Liability limited by a scheme approved under Professional
CW> Standards Legislation in respect of matters arising within those
CW> States and Territories of Australia where such legislation exists.
CW> DISCLAIMER
CW> The information contained in this email and any attachments
CW> is confidential. If you are not the intended recipient, you must
CW> not use or disclose the information. If you have received this
CW> email in error, please inform us promptly by reply email or by
CW> telephoning +61 2 9286 5555. Please delete the email and destroy
CW> any printed copy.
CW> Any views expressed in this message are those of the
CW> individual sender. You may not rely on this message as advice
CW> unless it has been electronically signed by a Partner of BDO or it
CW> is subsequently confirmed by letter or fax signed by a Partner of
CW> BDO.
CW> BDO accepts no liability for any damage caused by this email
CW> or its attachments due to viruses, interference, interception,
CW> corruption or unauthorised access.
CW> ---------------------------------------------------------------------------
CW> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
CW> The Norwich University program offers unparalleled Infosec management
CW> education and the case study affords you unmatched consulting experience.
CW> Tailor your education to your own professional goals with degree
CW> customizations including Emergency Management, Business Continuity Planning,
CW> Computer Emergency Response Teams, and Digital Investigations.
CW> http://www.msia.norwich.edu/secfocus
CW> ---------------------------------------------------------------------------
--
С уважением,
Vladimir mailto:slyman2000@Mail.ru
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
