Leader: Ethical hacking - launch, teach... hope

The jury likely to be out for a while on this one...
Written by silicon.com staff, Contributor

The jury likely to be out for a while on this one...

News that the University of Abertay in Scotland is to offer a course in 'ethical hacking' is likely to divide opinion among academics, end users and the security industry.

This is because ethical hacking is a misleading name for the course. What they are teaching is hacking. The 'ethical' bit only comes from the hope, or the belief, that these skills will be used for good. In order to ensure this is the case the university says it will vet and monitor students as best it can.

It is the willingness to accept those conditions and that assertion which will divide advocates and critics of the course.

However, attitudes to such courses are mellowing since the University of Calgary first announced it was to teach a course in malware writing and it's likely there will be a fair amount of approval for the teaching of penetration testing (as ethical hacking is often less sensationally known).

The university claims the course is a reaction to a need among businesses, particularly those in the financial services world, for security professionals with this level of knowledge.

Certainly these skills are undeniably useful, which is why they are already offered to IT professionals by numerous certified training companies. And it could certainly be argued that those individuals who already have a career and reputation in IT to protect are going to be a safer bet for teaching these skills to than students who are yet to make the vast majority of choices which will shape their lives.

We can't say this course will backfire and we refuse to believe students are inherently less trustworthy than career techies but there is undeniably a risk attached to these teachings.

Perhaps the real worry here is the university will be aware that launching the course is likely to create publicity and academia is becoming an industry which grows ever more interested with column inches and the effect they have on bums on seats and coins in coffers.

If something does go wrong, if one bad penny turns up in the pile then it will be a case of balancing the (real) reasons behind launching the course with the effect it had.

However, if it runs well and advertises the need for companies to enlist the services of penetration testers then it could be a force for good.

Editorial standards