Since I’m a technologist, I sometimes get asked “what is the biggest hole in computer security”? The answer is that the IT industry is not regulated. To be a Medical Doctor, Nurse, Vet, Lawyer, Architect or Electrical Engineer (among other professions), you need to go to school and become licensed. Not the case for IT. Anyone can just wake up and call themselves a programmer. The problem is that IT should require some formal training and a license to practice. Professionals should also be required to carry some kind of formal insurance.
Knight Capital Management lost $400 Million last year because a systems administrator flubbed an update and countless websites have been hacked to and confidential customer data stolen because of inexperienced developers writing insecure code. A majority of mistakes could be avoided by hiring qualified candidates with a formal education and by having well though out policy and procedures.
