http://www.darkreading.com/operations/educating-the-cyberwarriors-of-the-future/a/d-id/1319590
Jeff Shilling opines that we need more experienced people in the Cybersecurity field. As usual the issue is senior-level execs do not fully understand all the ramification differences with
1. a person with 5+ years experience in IT plus Cyber Security Knowledge (no university degree)some certifications
or
2. a person with 2 years experience and has all the cyber Security certifications. (plus university degree)
His assertion is that the experience trumps the formal education, in fact with someone that came out of college with a degree, usually has 4 years working at the degree, so you add 1 or 2 years in the working world it does seem that a college degree (even in computer science or an engineering degree) would not give the same outlook on a cyber security job than someone with 5 years in the working world without a 4 year college degree.
I think he misses the point that we need someone with experience(2-5 years or more), and a college degree, since the difficulties in today’s cyber security field will not become simpler.
There is nothing like being placed in a situation that was not in the books, was not taught by the college instructors, and the person has to figure it out on the job as it comes.
A Certified ethical Hacker has to have at least 4 years of security experience or have 3 years of security experience plus a college degree. So the college degree is worth 1 year of experience not 3 or 4.
Another aspect is Cyber Security training for all users:
Most people do not understand cyber Security and have had no training.
That makes sense, this is why we have this big problem of phishing and malware downloading. the general understanding of Cyber Security is horrible. Thsi is also why senior execs have such a low understanding of the true problem at hand.
Oversitesentry.com and fixvirus.com is trying to change that. Little by little we are trying to help.