RSS Alerts

Related Links

Related Stories

  • Infosecurity professionals still in demand says ISC(2) survey
    Global research published today by ISC(2), the not-for-profit IT security industry association, claims to show that ITsec professionals have been more resilient than most when it comes to salary hikes and their skills being in demand.
  • Premium pricing
    Infosecurity failures can cost millions, but many insurers are reluctant to take the risk, says Danny Bradbury
  • Keynote Theatre Agenda
    The 2010 Keynote programme will address the security issues and pressures that organisations face in an increasingly mobile and global working environment. Leading security experts, industry innovators and speakers from the end-user community who will provide expert analysis, real-life case studies, strategic advice and predictions.
  • What’s in store for 2010?
    The Noughties are behind us now, but memories of a decade of data breaches will continue to haunt the infosec professional. If only there was a way of knowing what the threat landscape would look like in the months to come. Well you’re in luck as Davey Winder has dusted off the crystal ball and spoken to a broad church of infosec professionals to get some informed predictions for 2010
  • 2010 Virtual Conference on Endpoint Security - Beyond the Perimeter - Full conference programme revealed
    Infosecurity US magazine is excited to announce the 2010 virtual conference on endpoint security, to be held on February 25, 2010. This one-day event brings a series of topical keynote sessions direct to your computer, giving you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world.

News

Infosecurity experts hard to get despite economic downturn

05 June 2009

Hiring managers are struggling to fill infosecurity positions due to a mismatch between salary expectations and skill levels, and current demand, information security education and certification organisation (ISC)2 has found it its latest jobs survey.

Florida-based (ISC)2 interviewed more than 2800 information security experts of which 775 had hiring responsibilities. Of these, 44% were looking to hire additional information security staff this year and over 11% planning to add more than three people.

Areas of expertise most sought (in descending order):
  • Operations security
  • Information risk management
  • Access control systems and methodology
  • Applications and systems development security
  • Security management practices

More than 80% of hiring managers said they find it challenging to find the right candidate despite the economic downturn. According to (ISC)2, the range of concerns included: a lack of desired skills or lack of available professionals within a local area; poor cultural fit; and salary demands that are too high for available budgets – particularly from people previously working in the financial services sector.

“Demands on professionals are changing. Companies want more for their investment, and professionals need to keep their skills and expectations in line with what businesses are looking for”, said John Colley, CISSP, managing director EMEA at (ISC)2. “Training and professional development will be essential for individuals as they manage their careers in this tough economy.”

Budget cuts and outsourcing

The survey, which was carried out in April and May 2009, found that outsourcing is having an impact, but that “activity on this front may be slowing”. Although 30% reported increased levels of outsourcing of security functions, only 18.7% expect the situation to worsen over the next six months. Budget cuts could also be slowing.

Almost 72% saw information security budget reductions in the period October 2008 to March 2009, and 53.6% said their information security departments had experiences at least one lay-off in the past few months.

Looking forward, however, 62% said they do not expect any additional information security budgets cuts for the remainder of the year, and 9% expected an increase. 59% said no additional personnel cuts would be forthcoming in the remainder of the year.

“In this environment, companies may be tempted to make rash security decisions made in the panic to cut costs. Organisations are advised to proactively analyse how cuts affect their risk profile and avoid costly repercussions resulting from breaches and mandated reparations”, said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, CNSS, executive director for (ISC)2.

Increasing attacks

At the same time as information security budgets are shrinking, the number of attacks is increasing, (ISC)2 warns. Internal hacking against the system is up 18.4%, external attacks 33.3%, intellectual property theft 27.8% and fraud and embezzlement is up 28.3%.

 

This article is featured in:
Business Continuity and Disaster Recovery Public Sector Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water