Oracle CSO: Developers need "warrior training"

By

Uni curriculums must change to reflect security focus

Developers must have a warrior mindset and begin to play war-games if the eternal battle against hackers is going to be won, said Oracle’s chief security officer, Mary Ann Davidson.

Oracle CSO: Developers need "warrior training"

“Those who design and build critical information systems need a warrior mindset reinforced by warrior training and war games,” she told an audience at the ASIA National Conference. “The reality is systemic risk can’t be mitigated.”

Davidson, a US military vet, said developers have a lot to learn from how the military plans and carries out its operations. In particular, it’s fatal to assume boundaries – such as network perimeters and firewalls – will always hold.

“The US Marines know there will always be breaches in the perimeter,” she said. “And they also know there will always be casualties. That’s why everyone in the Marines, from an office administrator to a sniper, is trained to take up a rifle in defense.”

One key to instilling a warrior mindset is to change the way developers are educated at the tertiary level. “Every developer must start to think like a hacker,” she said. “Too often, when a security breach is found, the developer turns around and says ‘but it wasn’t designed to do that.’”

Security, she added, must be embedded in the class, and in the curriculum. “Lack of software assurance is a cultural weakness manifest as a technical weakness,” she said. “You simply can’t win on defence. You have to go on the offense.”

Davidson was speaking at the Australian Information Security Association Conference in Sydney.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Log In

  |  Forgot your password?