Every year, more and more often, when entering universities, children choose such a direction as “information security.” Currently, the demand for specialists in this field is growing. Therefore, the direction is really popular among applicants. Moscow universities are increasingly including “information security” in the list educational programs. After all, she is in demand. This article will discuss these and provide information about the specialty “information security.”
About the direction
As part of the discipline, students study computer science in depth, in particular dealing with information security. After receiving a bachelor's degree this topic It is proposed to study in more detail, specializing in individual aspects. In order to enter any university in this field, you must pass the following subjects in the Unified State Exam format: Russian language, specialized level of mathematics, computer science (sometimes replaced by physics or chemistry) and, if it is an international university, a foreign language.
Advantages
The specialty “information security” opens many doors, because its fundamentals are now applied in almost any field of activity. You can work in both public and private companies. Professionals identify the risks of network hacking and information leakage, ensure its protection, analyze malware, install and purchase new software, and maintain it. This position is considered the highest paid these days. Professionals receive up to 150 thousand rubles, and beginning specialists - from 30 thousand.
Thus, we can say that such a direction as “information security” is really gaining popularity. Where can I learn its basics?
MTUSI: basic
It was founded in 1921. Today, this Moscow university (“information security” is one of the areas in which specialists are trained here) is considered the best in the field of telecommunications. Many professors of the educational institution have written their works and are conducting developments in this area. Another plus of the university is that admission is quite easy. In order to become a student, you need to score 50-60 points for each Unified State Exam subject from the list. The Faculty of Information Technologies provides training in 11 programs, including training specialists in information security.
About training
Moscow Technical University communications and computer science offers a deferment from the army and obtaining a state diploma, which is a definite advantage. Students especially note social activities at the institute. They have created their own sports teams, which often take first places in competitions at various levels, and the KVN team, which recruits new students every year. The university hosts various creative competitions to identify talents.
It is also worth mentioning the standard of living in the hostels. Rooms are provided to all nonresident students subject to availability. The hostel is new, modernized. The presence of a huge library collection is also good news; many students use scientific, specialized literature when writing their diploma, coursework, various abstracts. The price of training also attracts many applicants to this university - it ranges from 100 to 200 thousand rubles per year.
FU under the Government of the Russian Federation: history
The university was opened in 1919 as the first financial university in Russia. The first 280 students graduated in 1923 as graduates in economics and finance. In subsequent years, the life of the university was either suspended or in full swing again. Modern meaning it acquired in 1991, receiving academy status and leadership among other universities in Moscow. A year later, the academy began to be supported by the Government of the Russian Federation. In 2010-2011, a reorganization was carried out again, during which the educational institution was awarded the status of a university and colleges were added. Nowadays the university is highly valued among applicants, since they have a much greater chance of working in the Government or in general after graduating from university. government agencies. Since 2014, the educational institution annually receives one of the first places in the rankings of the best universities in the country, the CIS and Europe.
Admission
The highest priority and developing area of the university is “information security”. Moscow universities are inferior to FU in this area. It is quite difficult to enter here - in each subject of the Unified State Exam you need to score 85-90 points to get a budget place (and there are 45 of them), to enter the paid basis this threshold is reduced to 75-80 points.
Pros of training
But despite high cost training, the financial university under the Government of the Russian Federation has its advantages. “Information security” here is not a monotonous lecture, but interesting practical lessons V various structures, including government ones. This is a definite plus; education is based on the equality of students and teachers, defending one’s own interests and different theories, obtaining a compromise or something qualitatively new. Creativity is the basis for acquiring knowledge at this university.
It is also worth noting that students studying on a contractual basis are provided with a system of discounts if they have good and excellent grades. Thus, the cost of training is significantly reduced. Also, the financial university has a whole complex of dormitories, so every non-resident student is provided with a place. The educational institution implements a system Catering, that is, there is its own network of canteens and buffets in educational buildings and dormitories.
Any student can use the services of the institute’s sports and fitness complexes. This and Sport halls, and swimming pools, and open areas, and GYM's, and various sections. Grafting work is underway healthy image life and love for sports.
MAI: basic
The institute is one of the best, according to reviews of students entering the specialty “information security”. provides information security training at the international level, so the cost of training here is 150-250 thousand rubles. There is a possibility of admission to free of charge- the faculty can provide 40 places. In order to get the coveted place and study for free, you need to score at least 80 points for each USE subject.
The Institute was founded in 1930, and already in 1945 - after the victory in the Great Patriotic War Patriotic War- received the Order of Lenin, and after that was repeatedly awarded with various other state awards. In 2009, the status of a university was received, and in 2015, MAI was merged with another technical university - MATI.
Benefits of training
“Where should I go to study information security?” - this is a question many applicants ask. MAI is a great option. It is the only educational institution in Russia where developments are carried out in aviation and rocket and space systems, management, and the field of IT technologies. The university often ranks first in rankings in neighboring countries. Foreigners study here, Team work With foreign organizations and companies.
About 85 percent of MAI graduates work in the most famous companies in Russia and abroad; employers willingly offer excellent positions to former students educational institution. Also here is a program of continuous education, that is: secondary vocational education - bachelor's degree (specialty) - master's degree - postgraduate study - second higher education - retraining - advanced training. Not all universities in Moscow offer this. “Information Security” is one of the first multi-level training programs.
The university also carries out social support students. MAI has its own campus, which includes a complex of dormitories, various sports centers and educational buildings. There are public catering centers - cafes and buffets. MAI also has its own Palace of Culture, where various creative and other events are often held. All of them are designed to develop in students not only professional, but also other skills that are needed to become a full-fledged individual. So, there is its own KVN team, which participates in games not only between the highest educational institutions, but also between regions.
Studying after college
- College of Entrepreneurship No. 11;
- MGKEIT;
- College of Communications No. 54;
- College at MEPhI.
It is much easier to enroll in a university majoring in information security after college. Moscow universities are much more willing to accept for training people who have received a secondary vocational education in this specialty, sometimes even without passing the Unified State Exam. But you need to learn more about these programs in admissions committee educational institutions.
Thus, the field of “information security” is really popular among applicants, as you can see by reading the article. All that remains is to choose a university to enroll in.
We are now preparing for the second part of the hacker tournament. Anticipating possible questions from journalists and people far from information security, I want to tell you in advance why the end result will not be hackers, and what a career as a security specialist generally looks like.
A security guard today, roughly speaking, can shift pieces of paper, walk around the perimeter with radio equipment, draw up Disaster Recovery plans, and directly deal with fixing holes in the software. There are a lot of specializations. It all depends on the specific organization: its size, types of information being protected, technologies used, and so on. It is clear that the most interesting work is where real security is needed, and not fictitious (paper), there is high level automation.
Let's see where such specialists come from and how they are obtained.
Education
Of course, in order to become an expert in information security, you need to have a technical education. The best choice is a specialty that contains the words “automation”, “security”, “programming” or “mathematics”. Several years ago, graduates exclusively from universities such as MEPhI, MVTU, MSU and MIPT were highly valued. Behind last years Quite a lot of regional universities with approximately similar training programs have been added to them.English is very important, especially technical. The sooner you start learning it, the better. If you have graduated from university, but do not yet speak English fluently, it is worth enrolling in good courses.
Even in education, for different specializations, it is important to “download” cryptography (very good basic course available on Courser) and mathematics in general, understand the hardware used in the company (most often we are talking about telephony, cameras, and so on), understand the network architecture very well in theory and know the features of all hardware in practice, have experience in system administration like MS, and *nix, plus at least some server experience with HP and IBM. All this is learned in courses and seminars for students from large companies, they are most often free, for example, CROC regularly conducts training for students in various areas, the information is available. A number of things, like the ability to work with a soldering iron, are purely home practice. By the way, you won’t need the soldering iron itself, but understanding iron at a low level is very good.
Another important part of a security guard's job is some sociality. The fact is that security measures almost always slow down company processes in one way or another, and people have to explain why this is necessary. Defend every decision, conduct trainings, prove your case to management, and so on. Another aspect is the already mentioned work with social engineering, which simply requires at least basic knowledge of psychology.
First job
When leaving university, the future security hero is either not needed by anyone (in general) or is perceived as an excellent intern for big business. The reason is that everything in operation depends on the specific environment and specific threats. That is, you can only learn through practice in the company where growth is expected.There are three conclusions from this:
- It's good to look forward to a multi-year career in one place.
- The sooner you start getting to know your future company, the better. The best option is to do your internship right there.
- It is important to develop in general personal qualities like systems thinking and responsibility - they will come in handy in any conditions.
Then, in general, there are two common options: the first is that you are slowly growing in one company. The second is that you get a lot of trouble at your first job, and already beaten, but experienced, cynical and wary, you start working for a higher salary in another place.
Lifestyle and prospects
Enough frequently asked question from students - “Who should I download: a system administrator or a security specialist”? For experienced people, this comparison makes them smile: it’s like comparing warm with soft. At first, earnings are approximately the same. A security officer has more chances for a successful leadership career, but also more responsibility: early gray hair, cardiovascular diseases and other consequences constant stress- These are professional risks. The system administrator, of course, is also worried, but if he fails, the matter is limited to a hassle and restoring from backup.A “pumped up” security specialist gets paid more because, again, he is closer to the company’s decision-making (and risks). In large business, the rules in this area are simple - the more risks you take, the greater the income.
The work of an information security specialist often leaves an imprint on your lifestyle. Firstly, it is not customary to advertise a profession. Several of your friends who are web designers, system administrators, sales managers, or whatever-else may be much higher in the company hierarchy - and actually work in safety. Actually, I know several people on Habré who have a completely different position written in their profile than in reality.
Secondly, there are sometimes travel restrictions. I won’t go into details here, but in short, in order to have a career in a number of state-owned companies, it is better to learn English at home, rather than regularly go to practice in other countries. Since experience in specialized government agencies and services is highly valued, it is better to think about this in advance.
As a rule, key positions in information security services in a corporate environment (in companies with a long history) are dominated by people in uniform or with a similar background. This is your own world, your own values, criteria of happiness and truth.
Borderline specialties
When developing a business (in young structures), very often a security specialist grows out of either a system administrator or someone from development, for example, a project manager. It’s just that at some point it becomes clear that you need a person who will take on a number of responsibilities - and for some people it turns out easier and simpler. It’s much less common for a security professional to come from a financial analyst (or something similar) or a lawyer (by the way, this is one of the few humanitarian professions from which you can move into information security).An established information security specialist can grow into a risk management specialist (this is finance), but in practice he is paranoid, showing where and what needs to be backed up, plus how to recover in what situations. This happens in large businesses, and in Russia the topic of Disaster Recovery is just beginning to gain popularity. The reverse process is also possible, when it will first be necessary to cover the risks of the technical infrastructure, and only then this process will move into ensuring security in a broader sense.
Keeping fit
Every day you need to set aside about an hour for education: this is the only chance to remain generally prepared for what is happening with technology. You need to constantly read the specifics on known situations hacking, mastering new systems - and all the time thinking like an attacker from the outside. This is exactly the kind of training that the Cyber Readiness Challenge simulator was created for: created by Symantec's highly experienced cybersecurity specialists, the corporation's simulated network contains typical details for many large networks.The difficulty is that you simply cannot be prepared for everything. If 15 years ago it was really possible to know all the features of your technical environment without exception, now the hackers of the attacking group (for example, competitors or, more often, scammers) will by default be more prepared in specific technologies. This means that you either need to have virtuoso specialists with narrow specializations on your staff, or know them so that in case of problems you can quickly consult with them or involve them in solving the problem.
Of course, you need to keep not only yourself, but also your department, as well as all the people in the company in shape. There are two simple principles here - audits and training alarms.
Finally
Of course, the above describes a certain collective image, which may be radically different from what is in your company. Everyone has their own needs and historical principles, so the approach to security can be very different.Since in the sphere it is felt acute shortage people with experience, we regularly conduct various training events. As I already said, the next major one is the CRC tournament (organized by Symantec and us, CROC).
What can you do after graduating from the Faculty of Information Security and where can you gain experience? Does it make sense to study to become a security guard if you live in a small town? Sergey Kruchinin, director, will tell you about all this educational projects GeekBrains. This person manages the work of the deans of all 8 faculties of GeekUniversity and coordinates the educational plans.
Sergey, let's start with the main thing. Information security specialist is a broad concept. What exactly do you teach?
First of all, I want to say that the faculty program was developed by practicing specialists. Special thanks to Nikita Stupin, information security specialist at Mail.Ru and dean of our faculty. We will share with students the best security practices that are already used in Mail.Ru Group.
So that no one gets confused, you need to understand that in the field of information security (IS) there is “paper” and practical work. “Paper” specialists monitor whether the security system - according to documents - meets the requirements of the law. In fact, it may be full of holes that no one is looking for or fixing, but in the documentation everything is according to the standard.
Do not do it this way
We focus not on “paper”, but on practical safety web applications, networks, hardware and data. Our students will study hacking methods and technologies, hacker tools, and the operation of systems to be protected. All this knowledge is necessary to find and close vulnerabilities.
Our students will also briefly get acquainted with the “paper” side of information security: they will learn to draw up regulations and instructions for enterprise employees. Standards and documentation are by no means useless, but they are not a substitute for real protection.
- Why did GeekUniversity choose this particular path?
Practical safety is more important. A strong business is primarily interested in the result. I would also advise starting with practice because it will most likely lead you to a young and progressive IT team.
“Paper” vacancies are more often filled by people aged 40–50 years with a special type of thinking, university education and experience in government agencies. They look at things formally. During an audit, they ask questions like, “Do you have an intrusion detection system?” Or, to check something, they ask the client for the root password. Without a password, our graduate will look at what he needs on an average machine and change the password himself, if necessary.
At GeekUnivestity we are preparing specialists who will be in demand at Mail.Ru Group and similar companies - they will be able to participate in ensuring the security of a large mail service, for example.
- By the way, in what areas of security do Mail.Ru Group hire specialists?
Among the priorities is product security (Application Security), there is even an open vacancy. Specialists in this field are able to find web service vulnerabilities, neutralize SQL injections, OS Command injection, and more. Infrastructure security specialists are also in demand. Their competencies: network level protection (L3, L4, TCP/IP, firewalls), security operating systems(control of package and kernel updates), password policies, perimeter scanning - the list goes on for a long time.
- For those who are just getting acquainted with the terminology, what are injections in web services?
This is when, instead of the data expected by the application, such as a message identifier, the attacker enters the command he needs, and the script executes it. The fraudster gains access to confidential data or even to the machine on which the vulnerability was found.
- What other threats do you teach to find?
Binary, cryptographic. There are many types of vulnerabilities. The first two quarters of the school year are dedicated to web security alone. This is a very important direction, because business moves from offline to online, and user data goes to the web and clouds. Just 10 years ago, taxis were ordered only by phone. Now - mainly through services like Uber and Yandex.Taxi. AND main question- how secure is the web service to which you trust your data.
If the site developers have not taken care of security, a more or less advanced user can read other people's messages, look at photos, and so on. There is a set of web vulnerabilities designed to exploit programmer carelessness. We explain to students how attackers find and exploit such vulnerabilities, what this can lead to, and how to prevent it.
Knowing such things is useful for web developers, project managers, and anyone who wants to protect the confidential data of their website visitors. Or you need to involve a practitioner who will conduct an audit. Identifying threats is less than half the battle. We still need to figure out how to eliminate them, and then make sure that the protection works.
GeekBrains office: we work until late, just so that students gain knowledge
In addition to web security, our students study network security in detail. These areas are partially related, because there are threats that affect not only the server, but also the client part of the service.
For example, some sites, including large organizations, do not encrypt traffic. This allows it to be redirected to fake machines and intercept everything that users wanted to send to the server.
What if a person lives in a small town where there are no advanced IT companies? So he trained as a practical security guard. Who should he work with?
The technology stack we teach is also tied to system administration, and other areas related to information security. If a person studies diligently, he will become a general specialist with us. Now I will explain in more detail.
A good security specialist must be able to administer. If you look at the resumes of information security specialists, many have had a system administration stage in their careers.
Our students study Linux closely. Anyone who has not worked with this operating system before will first of all learn how to install it on a virtual machine. Next, students master working in the terminal, installing software and solving basic problems.
We also teach how to work with services: how to set up an Nginx or Apache server, a DBMS database, set up a BIND DNS server and mail. You just need to remember that knowledge does not come automatically after paying for training - you have to make an effort.
- Do you also teach how to build and configure networks?
Yes. Network engineer is another profession with which the work of a security specialist has something in common. You must be able to at least configure network filters, close ports, and monitor active connections.
When studying computer networks, students will practice practical skills on the Cisco Packet Tracer simulator. We chose it for the sake of clarity, but the ability to work with Cisco equipment is also a bonus for your resume.
The cornerstone topic of network security is TCP/IP. This is a model for transmitting data over a network. Administrators and security specialists work with different implementations of it all the time. We tell you what link and network layer protocols are, how they work, and why you need a MAC address. Few people understand this, although it is at the link level that many types of attacks are built.
Studying network technologies
- Let’s return to the situation “a graduate does not want to move from small town" Where to work?
Let's start with the fact that there are providers everywhere. They will be happy to hire our graduate as a network engineer. Moreover, this will be a network engineer with a very good understanding of security. In career terms, he will have an advantage over people who previously only laid networks: crimped twisted pair cables and ran through attics with it. It will be easier for our security engineer to rise to the rank of manager. Providers have websites and some services - here you can also express yourself.
The next point is that system administrators are needed everywhere. If the company does not have a separate information security specialist, his duties are performed by the system administrator. And again, our graduate gets an advantage over administrators who studied security themselves and superficially.
On my own behalf, I will add that if you have the opportunity to move to Moscow or St. Petersburg and work in a large local or international company, it's worth it. We have students who have already succeeded.
- What about working with applications? After all, the security guard must also keep the software under control.
Yes, we teach application disassembly and analysis so students can identify malicious code.
You need to understand that attackers and those who fight them use the same tools. "Black" (bad) hackers analyze software and look for vulnerabilities that can be exploited. A white hat (ethical) hacker looks for bugs to plug security holes.
We teach how to explore code. If the programmer was careless, certain conditions the program may reveal confidential data. For example, send the user a piece of RAM where passwords, private keys and other interesting things are stored.
We also teach programming in Python. It makes it convenient to automate tasks or write your own data analysis tools. These skills take a security guard to a higher professional level.
We also have a course on Operating Systems. He talks about OS architecture, how security threats differ in Linux, DOS, Windows, and more.
We explain what kernel space and user space are, how memory works, and why one application in modern operating systems cannot change the data of another application. How does a process differ from a thread?
Towards the end of the course - in the fourth quarter - students are introduced to the topic of binary vulnerabilities.
- You mentioned that students also learn how to draw up regulations and work with documents.
We talk about interaction with law enforcement and regulatory agencies - FSTEC and FSB. We learn when and how to apply the safety standards provided for by Russian law.
There is one more important point. We teach the basics of social engineering. Because an attacker never takes the difficult route unnecessarily. Before breaking anything, it tries to lure a password or other necessary information from the user. We tell you how to take into account such schemes when drawing up instructions for company employees.
- So you are preparing a “universal security soldier”?
We are preparing a person who knows how to hack and protect. It is necessary to understand hacking methods in order to competently build an information system.
A good security guard has the same skills as an attacker. But it does not use them for selfish and/or criminal purposes, but to protect the system and, ultimately, users.
You can hack anything - it's a matter of time and resources. But bypassing a well-built defense can simply ruin an attacker.
- How are priorities set among the areas being studied?
Main focus on web security. Network engineering and system administration are adjacent to it. In other areas, we provide basic knowledge that can be developed depending on the student’s interests.
Where can a security student dial practical experience? What achievements will he be able to put on his resume based on the results of his studies? And how to level up yourself?
Threats can be modeled. There are special tools for this. It’s better to start with simple things: take and install a “buggy web application” on the site - bWAPP (buggy web application). It was initially created to be insecure so that “ethical hackers” could use it to practice finding and blocking vulnerabilities.
There is also DVL - a special Linux distribution with intentional configuration errors.
Such tools are very useful, but students can quickly get bored with them, so we have prepared more interesting tests. For example, competitions like Capture the flag. You gain access to a remote machine, but you don't know its vulnerabilities in advance and have to find them. Victories in such competitions and competitions are valued in the market - they can be safely written down on your resume. It is no easier to hack a serious simulator than a real website.
It is also worth participating in competitions like Bug Bounty. This is when an organization offers a reward to those who find vulnerabilities in a product. We will tell you how to participate in such programs. If you have a well-developed account on hackerone, you will be welcome in large companies, including foreign ones.
Our student can also offer audit services to website owners: find and close vulnerabilities. The main thing is to agree with the owner of the site in advance, because the line between “black” and “white” hacking is very thin and unsolicited help can lead to criminal charges.
Does it make sense to offer security audits to those who don't care about it? It happens that a vulnerability is visible even to a non-specialist, but no one eliminates it...
It's worth a try. Some people really find it useless to write, but there are also those who haven't thought about the problem. I explained to one site owner that he uses HTTP, and it’s time to switch to HTTPS, because otherwise user passwords are transmitted over an unsecured communication channel. And the man listened. If the site generates income, the owner is interested in its development and, most likely, will engage in dialogue.
Here is a person who won a competition, conducted an audit for someone, but has not yet worked on the staff. Is this a problem when looking for a job?
No. Our graduate spent a whole year with GeekBrains and Mail.Ru Group. He already imagines working as a security guard in a large company, knows the entire technology stack and has put together a starting portfolio. From the point of view of the average employer, this is a lot.
- There will be something to show off at the interview...
By itself. It is possible that the graduate will understand some issues better than the future leader.
Sergey, thank you very much! Now I have a complete picture of what and why they teach at the Faculty of Information Security. If readers have any questions, I hope they will ask them in the comments. And you and I will still find time to talk in detail about another faculty - artificial intelligence.
There really is a lot to be said about the new faculty and the Data Science direction. So until next time.
Information specialists security officers are directly involved in the creation of an information security system, its audit and monitoring, analyze information risks, develop and implement measures to prevent them. The profession is suitable for those who are interested in computer science (see choosing a profession based on interest in school subjects).
Their competence also includes installation, configuration and maintenance technical means information protection. Security specialists train and advise employees on information security issues and develop regulatory and technical documentation. This position arose at the intersection of two directions information technologies and security technologies. Today, neither commercial structures nor departmental organizations such as the FSB can do without information security officers.
Features of the profession
This profession arose at the intersection of two areas: information technology and security technology. Today, neither commercial structures nor departmental organizations can do without information security employees. They prevent leakage of important information, data fraud and incompetence (malicious intent) of their own employees. On a national scale, information security specialists create systems for protecting strategic information on the country’s defense capability, form secret databases, and maintain the secret of the nuclear briefcase.
Pros and cons of the profession
Pros:
- demand in the labor market, since the field of information security is rapidly developing, which means that the demand for specialists in this field will constantly grow;
- high wages;
- the opportunity to master the most advanced information security technologies;
- opportunity to attend conferences and seminars;
- communication with a variety of specialists, the opportunity to make useful connections.
Minuses:
- high responsibility, as you have to be responsible for the safety of all company information;
- Frequent business trips are possible.
Place of work
In organizations various forms properties that have their own computer networks and need to preserve corporate information and important commercial information.
Important qualities
Communication skills and ability to work in a team. The creation and adjustment of protection systems is a collective work of several specialists: the head of the protected company, an analyst, system designers, and programmers. You need to find an approach to everyone and be able to pose the task in a language that they understand.
Where to study to become an Information Security Specialist
Higher education:
Universities
Russian Institute vocational education"IPO" - recruits students to obtain a specialty through a distance program of professional retraining and advanced training. Studying at the IPO is a convenient and quick way to receive distance education.
200+ training courses.
8000+ graduates from 200 cities.
Short deadlines for completing documents and external training, interest-free installments from the institute and individual discounts. Contact us!
We invite you to familiarize yourself with our list of information technology (IT) universities.
An information security specialist must know all the technologies of the WEB environment, as well as understand the methods of hacking access and damaging networks and projects.
Salary
Salary as of 09/12/2019
Russia 20000—90000 ₽
Moscow 45000—135000 ₽
The level of remuneration for a specialist is determined by the welfare of the company, the list job responsibilities, work experience in the specialty, level of development of professional skills.
Career steps and prospects
This position in itself is already one of the highest levels career growth in the IT field, higher only than the position of head of department or information security department. IT specialists with incomplete or completed higher education, experience in administering information security tools and operational Windows systems or Unix. Employers' requirements for the professional skills of novice specialists are quite serious: even applicants for a relatively low income must know the legislation of the Russian Federation on information security, the principles of network operation and cryptographic protection tools, modern software and hardware for information security, as well as information security technologies. The salary that young professionals can count on in the capital starts from 40 thousand rubles.
The next level is a specialist with a higher education in the field of information technology or information security, with at least 2 years of experience in the field of information security. In addition, applicants must have experience in auditing and assessing risks of an information security system, skills in developing regulatory and technical documentation on information security, knowledge international standards information protection and ownership English language at a level sufficient to read technical literature. Specialists who meet the above requirements earn up to 80 thousand rubles in Moscow.
For admission, the Unified State Examination is accepted in mathematics as a core subject, Russian language, and physics or computer science and ICT to choose from.
The passing score, according to a survey conducted by the National Research University Higher School of Economics and the analytical department of the RAEC, the average passing score of the Unified State Exam in the regions varies slightly, and differs significantly between different information security specialties.
The maximum passing score in universities varies from 45 to 86.
You can choose a specific specialty, taking into account the nuances and specifics of the areas: specialty 10.03.01 “Information Security” - here they provide basic knowledge on the installation and operation of information security system components.
- Specialty code - you can gain applied skills in protecting technical equipment.
- The specialty code provides the skill to identify channels of information leaks and prevent cases.
- The specialty code is the development of threat models for databases and the creation of programs to protect them.
- The specialty code is programming and security of operational, tax, financial, budget systems.
You can study full-time, having completed 4 years of training to become a specialist. There are master's and postgraduate courses in some information security specialties. Extramural training is not provided everywhere; its terms vary in different universities. In secondary educational institutions, the passing score is significantly lower, but the choice of specialties is narrow.
Specialty information security - universities and colleges
Which universities offer a major in information security?
Training of specialists in Russia is carried out in all regions of the country. Their distribution, however, is uneven.
The most a large number of IT specialties at USATU, there are 19 of them. Next come MSTU. N.E. Bauman and SPbNIU ITMO. In general, get an education in the field of information security at 145 universities in Russia. More than 30% of them are located in Central federal district.
Specialty information security - Moscow universities:
1. Academy of the FSB of Russia
2. MFYUA
3. Federal State Budgetary Educational Institution of Moscow State Linguistic University
4. Financial University, Financial University
5. Federal State Budgetary Educational Institution of Higher Education "National Research University "MPEI"
6. MIIGAiK
7. Federal State Budgetary Educational Institution of Higher Education "Moscow State Engineering University (MAMI)", University of Mechanical Engineering (MAMI), University of Mechanical Engineering
8. National research university"MIET"; National Research University MIET; MIET
9. JSC "ITMiVT"
10. NRNU MEPhI
11. Academy of the State Fire Service of the Ministry of Emergency Situations of Russia
12. MSTU GA
13. Federal State Budgetary Educational Institution of Higher Education RGAU-MSHA named after K.A. Timiryazeva
14. Federal State Budgetary Educational Institution of Higher Education "Russian State Geological Prospecting University named after Sergo Ordzhonikidze", MGRI - RGGRU
15. MTUSI
16. MSTU im. N.E. Bauman
17. Military Academy of the Strategic Missile Forces named after Peter the Great or VA Strategic Missile Forces
18. Moscow University of the Ministry of Internal Affairs of Russia named after V.Ya. Kikotya, Moscow University of the Ministry of Internal Affairs of Russia named after V.Ya. Kikotya
19. MIREA, MGUPI
Students studying multi-level systems security Cisco and Oracle, gain skills in working with specialized equipment that blocks information leaks, practice searching for hidden video cameras and radio bookmarks, blocking information transmitters using various complexes “Sonata”, “Shtora”, “Barkhan”.
Specialty information security - who to work for
Where to work as an information security major?
Work in the specialty of information security with the use of one’s knowledge and the realization of potential for both students and graduates can be offered in IT companies, government agencies, telecommunication system operators, as well as by participating in international tournaments. Major players in the IT market send head hunters to such events and subsequently make offers to the participants.
Grigory Bakunov, director of technology distribution at Yandex, and Dmitry Voloshin, director of the research and education department at Mail.ru Group, agree that there is a problem of staff shortages.
Cisco has launched a cybersecurity scholarship program in August 2016, in which it invested $10 million. It is designed to increase the number of specialists with the necessary training in this area. The program will be implemented jointly with the company’s authorized training partners, including many Russian universities.
According to the results of a survey conducted by APKIT and VTsIOM, only 13% of graduates of IT universities confirmed that education at a university can be applied in real work conditions. But, as Alexey Sokolov, Deputy Minister of Communications and Mass Media, said, the number budget places increased by 70% in 2 years, and it is planned to achieve higher magnification reception check digits.
There is hope that the quality of education in this area will also increase, although RAEC believes that, despite the increasingly active support of IT education by the country’s leadership, the problems of insufficient competence of IT specialists and inertia are still relevant curricula, incompetence of theoretical teachers.
Loading...