Here’s an interesting juxtaposition of hacker-related news articles…
When scanning today’s news I saw the headline, “Teen Is World’s Youngest ‘Ethical Hacker’”
“Whiz kid Shane Kelly is a world-record breaker — at the tender age of 16. Shane has left older rivals across the globe standing by becoming the world’s youngest ethical hacker, five years ahead of schedule.”
right above the headline, “Officials: Student hacker hits school computers”
“At least one student has been accused of allegedly hacking the security codes on Beaufort High School’s computers, allowing anyone to change or access the computers’ hard drives.
A virus that bypasses the security features that prevent students from installing unwanted software was discovered Jan. 30 by technology department workers, said Beaufort County School District spokesman John Williams. Williams said more than 400 computers were affected. About 22 staff members spent a combined 300 hours wiping the virus from the computers’ hard drives.”
Too many elementary and secondary school teachers and staff are woefully under-trained and under-educated in information security and privacy, let alone provide the types of classes and education students of all ages need to receive about information security, privacy and the accompanying ethical considerations.
Besides teaching just “keyboarding” schools need to teach responsible computer use; you can’t expect all kids to seek out information security education on their own by getting an ethical hacker type of certification elsewhere. In fact, youth need to be taught information security and privacy responsibility far beyond the scope of a CEH type of cert.
Kudos to Shane Kelly for overcoming school bullying, and for achieving his CEH. Thorns to his school for apparently not enforcing a non-bullying policy.
If more information security and privacy professionals would volunteer as mentors for the students, and even the teachers, within their schools, information security and privacy in all facets of life would improve.
Tags: awareness and training, ethical hacker, hacker, Information Security, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, Shane Kelly