Home > Blogs > Ongoing Opportunities in Information Security

Ongoing Opportunities in Information Security

A recent report from analyst firm Frost & Sullivan and the ISC-squared (an information security professional organization) shows that while many individuals already work in this field, plenty of new opportunities should be forthcoming in the years ahead. The technical focus for information security is changing to keep pace with the online audience, too.

In a recent slide show compiled for Channel Insider entitled "The State of the Security Workforce 2011," Ericka Chickowski takes the pulse of infosec in the IT world as per a recent industry survey and study. Among the interesting revelations you'll find in this summary are the following:

  • The security of cloud computing looms as a major concern, where 85 percent f respondents cite worries "...about exposure of confidential or sensitive information to unauthorized systems or personnel due to cloud computing..."
  • On a more positive note, 60 percent of infosec professionals report receiving raises in 2010 (about 1/3 higher than the rate for the general IT population)
  • As you might expect in a study co-sponsored by the ISC-squared, salaries reported for members of that organization for 2010 were ~$20K higher than those for non-members ($98.6K vs. $78.5K)
  • About 1 out of 3 organizations plan to increase spending on infosec personnel in 2011; likewise for related hardware and software outlays as well as training and certification funding
  • 3 out of 5 infosec professionals are planning to acquire new certifications in 2011, and nearly 9 of 10 infosec professionals "...view certifications as very important to somewhat important to employers."
  • Where vulnerabilties are concerned, applications pose the number one threat with mobile devices coming in a number 2
  • Nearly 1 of 3 companies have no security policy coverage for use of social media in the workplace
  • Nearly half of all organizations polled have private clouds, while 2 of 5 use Software as a Service (SaaS); this helps to explain why 7 of 10 infosec pros want more skills and knowledge on how to secure cloud-based technologies properly

Information security certifications like the ISC-squared's CISSP (and the add-on ISSAP, ISSEP, and ISSMP), the ISACA CISA, and even the CompTIA Security+ "starter infosec cert" remain in high demand. Clearly, the more senior security certifications also add to an IT professional's cachet and may open doors to additional responsibilities or employment opportunities. With so many infosec professionals already considering new certs for 2011, my biggest take-away from this report is that anybody who's interested in work the infosec patch had best review his or cert credentials, and start planning to update existing ones or acquire new ones.

For more information on this fascinating subject area, please see my February, 2011 article (co-authored with Mary Kyle) entitled "Choosing the Right Security Certifications for You."