Where Does Secure Coding Belong In the Curriculum?

[goertzel_karen at bah.com (Goertzel, Karen [USA])]

I think we need to start indoctrinating kids in the womb. Start selling Baby Schneier CDs alongside Baby Mozart. :)

Seriously, though, cyberspace is such an integral part of modern life, parents need to inculcate online security into 
their toddlers the same way they teach them to look both ways before crossing the street, and not to talk to or get 
into the car with strangers. In essence, we need to teach kids the virtual equivalents of these safe behaviours when 
they go online - which some of them are doing as early as age 4! If they can be "brainwashed" that early, they will 
come to have higher expectations of what SHOULD be present with regard to security properties in software-based 
systems. Then the notion won't seem alien to them. What will seem alien TO US is that they won't understand the 
struggles we've had to get people to start adding security. The idea of security having ever NOT been there will be 
bizarre to them.

Karen Mercedes Goertzel, CISSP
Associate
703.698.7454
goertzel_karen at bah.com
________________________________________
From: sc-l-bounces at securecoding.org [sc-l-bounces at securecoding.org] On Behalf Of Mike Lyman [mlyman-cissp at 
comcast.net]
Sent: Friday, August 21, 2009 8:17 AM
To: Secure Coding
Subject: Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

Neil Matatall wrote:
> So where does secure coding belong in the curriculum?
>
> Higher Ed?  High School?
>
> Undergrad? Grad? Extension?

Secure coding needs to be taught anytime programming is taught....