General features

It seems not even a week can go by at the moment without a new instance of identity theft or a security breach of some kind hitting the headlines.

And the North East has not escaped the spotlight.

Against this background, Northumbria University's decision to develop a new degree that will teach students how to locate and strengthen security weakness in computer systems seems like perfect timing.

Computer security

The university is currently receiving applications for its new BSc (Hons) in Ethical Hacking, with the first intake of students due to start in September 2008, subject to the course going through the university's validation process.

So what exactly is "ethical" hacking"?

Alastair Irons, Associate Dean of the School of Computing, Engineering and Information Sciences at Northumbria University, likens the role to that of the old crime prevention officers, who would visit people at home to advise them on how to keep their property safe.

Alastair has helped develop the course

"Basically it's a branch of security design," he says. "The ethical hacker uses a selection of techniques that malicious hackers may use to show the owners of computer systems where the holes [in them] may be.

"It's pointing out to people where [computer] systems are vulnerable and providing countermeasures to combat these weaknesses."

Working within the law

This process of "hacking" into systems to determine their weaknesses is known as penetration testing.

Students will be able to practice these techniques in a "clean room" at the university - an isolated laboratory which is not linked to the university's networks.

Students on the new course may also find themselves studying such things as firewalls, intrusion detection systems and digital forensics.

The first intake should start in September

Alastair is keen to emphasise that ethical hackers always work within the law and would expect to be contracted by a person or organisation to investigate their systems.

Details are still being finalised but it is highly likely that all students who enrol on the degree will have to sign some form of ethical code of conduct and practice.

"We're very confident in teaching law and computer ethics [here]," says Alastair.

Graduates of the course could expect to work for large blue chip companies, financial organisations, banks, insurance companies and the like - anyone really who wants to protect their digital information.

What's in a name?

As for the term ethical hacking, it's a catchy title but not everyone is comfortable with it.

Students will practise in a 'clean room'

"The title ethical hacking raises some interesting eyebrows and it's not finalised that this is the title of the course," explains Alastair. "It might be something like anti-criminal technologies.

"[But] Ethical hacking is the industry accepted label and firms and individuals offering security do accept it as a term."

Whatever they decide to call the degree it is clear that people with these kinds of skills will be in high demand in the future - and that they are going to have a tough job on their hands.

"The one great challenge of the ethical hacker is to stay one step ahead of malicious hackers. They've got to keep up to speed with what's going on and how technology is advancing."