While the specialized coursework needed for a master's degree makes it more similar to a trade program, again, skill acquisition shouldn't be the degree's focus. All things being equal, I would prefer to hire a person with a master's in computer science over a person with a master's in computer security, since the computer science major would have a more diverse exposure to the application of computer security. The computer science major might have had two or three fewer courses in computer security than the computer security major -- but I or another co-worker can help him make up for that over a couple of weeks of actual work experience.

No employer should believe that college degree alone makes someone capable to do a job. On-the-job experience more than makes up for a lack of a few courses. And if you look around the industry, the leaders and founders of the computer security field didn't need a degree in computer security. They basically taught themselves -- as do most of the hackers.

Why should the computer security (or information security) field merit its own degree program, when no other disciplines with the computer profession as a whole need such a distinction and when breadth of knowledge and the ability to synthesize thought are so critical to god work? I believe that such an overspecialized course of study cheapens the fundamental purpose of a college education. And having degree titles with marketing buzzwords such as "ethical hacking" is a flat-out embarrassment.