Information security \'recession-proof\'

More than 1/2 businesses plan to rent information security staff this year.

According to a survey by (ISC)²,  theinformation security profession offers not just stability but upward mobility as nearly 70 per cent of employees inside the sector reported a salary increase and 55 per cent expected to receive a rise in 2012. The (ISC)² 2012 Career Impact Survey was conducted from December 2011 to January 2012 among 2,256 respondents.

In terms of hiring, 72 per cent said that during 2011, their organisation hired individuals specifically for info security roles, while 62 per cent said they're seeking to hire additional permanent or contract information security employees in 2012.

Of those hiring, 81 per cent said an understanding of knowledge security concepts is a vital think about their hiring decisions, while other top factors included directly related experience (72 per cent) and technical skills (76 per cent).

Richard Nealon, member of the (ISC)2 board of directors, said: “This is excellent news in a dismal economic system. With demand outstripping supply, there's real opportunity to forge a rewarding career, even for newcomers who would possibly not have considered the probabilities, as employers seek to fulfill their needs.

“I believe the bottom requirement is passion and a real interest for what you're doing, personal integrity, an inquiring mind and a small modicum of common-sense. The remainder may be developed.”

W. Hord Tipton, executive director of (ISC)², said: “This data reflects the rise in security breaches we saw throughout 2011 and the truth that organisations, both within the private and non-private sector, are finally realising the significance of implementing sound security programmes that needs to be run by experienced and qualified professionals.” 

Last week, former security minister Baroness Pauline Neville-Jones said that the united kingdom cyber security skills base was "wholly inadequate" and called for a teaching programme to raised prepare students for a career within the security industry.

James Lyne, director of strategy at Sophos, said: “The IT security skills gap in today's workforce is a fundamental problem in creating the cyber experts of the long run. Introducing understanding of fundamentals, equivalent to logic or basic programming, would be a very good foundation to construct interest, but this would should be built upon in courses and abilities development your complete way as much as university level.

“Graduate programmes and other such ways of junior cyber experts gaining initial experience also should be occupied with, as classroom development alone also will not be sufficient. Many of the very best cyber experts within the industry today are passionately inquisitive about tinkering and twiddling with technology to grasp what makes it tick. This can be a mindset we have to encourage, not only a textbook knowledge.”

The (ISC)² survey found that the head skills managers were in search of were: operations security (55 per cent), security management practices (52 per cent), access control systems/methodology (51 per cent), security architecture/models (50 per cent), risk management (49 per cent), telecom/network security (45 per cent), applications/system development security (44 per cent) and cloud/virtualisation (35 per cent).

“Security is an ever-changing field that requires professionals to expand constantly upon their knowledge of today's advanced threats. Just as importantly, this field also demands hands-on experience and the business know- implement robust security practices across an organisation,” Tipton said.

“While it is a very positive sign that this field continues to grow and is somewhat ‘recession-proof,' one of many biggest challenges that is still is finding enough of the proper individuals with the right security skills to fill the massive void that exists right away. We must continue to construct this workforce at an aggressive pace.”