But I want to discuss what I heard from graduates that gives me a lot of optimism for the future. If I could characterize this latest crop of 95 graduates in a single word, that word would be "professional." To me that says a lot, because we have been flying by the seat of our collective pants since the beginning.
The Norwich Class of '05 included professionals from all areas and several countries, including business, academia, the military, law enforcement and government. They all came away with a clear-eyed view of information assurance, and most have already delivered that view successfully to their organizations.
That is extremely important, by the way. It shows two things that, in my experience, are important in most organizations. It shows that many organizations need to understand at all levels how an appropriate IA program can benefit the bottom line. It also shows that what is really needed is well-informed leadership. These grads are providing that leadership.
An important aspect of leadership in IA is understanding the business of it deeply, but this is hard. Most of us really know our field, but we have a hard time translating that knowledge into a message our corporate leaders can understand and embrace.
Probably the most difficult thing we do is selling IA to the bean counters. This is not a security problem, it is a business problem. These grads have grasped that issue and are using their skills to deliver these difficult concepts to management.
So what is the message (opinion columns are always supposed to have a message)?
First, we are headed in the right direction. Second, these programs can help us as a profession be a profession. Third, there really are ways to sell IA to management and get the buy-in and support we need to protect our organizations' data.
And, finally, there is hope for the future of IA. It's not just a matter of job security. It's a matter of our contribution to the security, productivity, and success of our organizations and those we serve. And that is a very good thing.