Security workforce study reveals salaries, hot technologies

Security Strategies This newsletter is sponsored by CREDANT Technologies, Inc. Data-at-Rest: Encrypt It, but Prove It Be aware of all mobile devices accessing your data, encrypt them and audit for compliance. It's about more than just encrypting bits on disks--a solution must accommodate workforce dynamics (all devices, users and locations) and easily enforce security rules with no compromise to user experience. Learn four essentials. Network World's Security Strategies Newsletter, 07/12/07 Security workforce study reveals salaries, hot technologies By M. E. Kabay The International Information Systems Security Certification Consortium (ISC)2 has provided a valuable service every year since 2004 with its _Global Information Security Workforce Study_. The documents are available free from the organization with a simple registration. The 2006 study describes the demographics of the survey on page 6: “This year’s study reached a broad cross-section of information security professionals in more than 100 countries. Respondents came from the three major regions of the world: Americas (57.3%), EMEA [Europe, Middle-East and Africa] (22.8%), and Asia/Pacific (including Japan) (19.5%).” Get Everyone from the CEO to the MySpace Generation to Support Your Security Plans. September 10-11, 2007 | The Fairmont Chicago How do you get everyone from the boardroom to the mailroom to comply with your security initiatives? Come collaborate with peers on critical business topics like this at The Security Standard-the only business summit for senior security executives. For the latest in planning and management strategies. Click here for more details. Click here for more details A total of 4,016 respondents participated in the study. The respondents included security specialists with a wide range of job titles and occupations in organizations ranging from small (about 5% had fewer than 10 employees) to large (16% had more than 100,000). Company revenue ranges included about 14% with less than $10 million up to those with $50 billion and up (about 8%). Industries represented included IT (20%), government (17%), financial services (16%) and many other sectors. Table 2, “Top 5 Security Technologies Being Deployed by Region” (p. 12) showed interesting differences in the rank orders across regions. Respondents in the Americas listed biometrics first, followed by intrusion detection, wireless security solutions, identity and access management and security event or information management. In contrast, both EMEA and Asia/Pacific ranked the top three as wireless, biometrics and forensics; #4 was intrusion prevention in EMEA and storage security in Asia/Pacific; #5 was risk management solutions in EMEA and business continuity and disaster recovery solutions in Asia/Pacific. Figure 6 showed that, overall, about 45% of the respondents expected to increase funding in the coming year for personnel and 38% expected increases in training budgets (sample size for these questions was about 800). In the Americas, more than 50% of the respondents reported salaries of $90,000 or higher; that number included the roughly 37% who reported salaries of $100,000 or higher. The second figure was up from about 32% in 2004 but similar to the proportion in 2006. There are many other valuable insights into the security profession in the reports. Much of the information could be used to bolster reports to management, to provide tidbits for the security column in corporate newsletters, and to plan budgets. I urge readers to download and read them carefully.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Who's to blame for browser bug? IE or Firefox? 2. Attack of the killer botnets 3. Google Earth captures China's new ballistic-missile sub 4. 6 burning VoIP questions 5. Phishing tool constructs new sites in two seconds 6. The 7 Wonders of the Internet 7. Hello Apple iPhone nano? 8. SF Wi-Fi plan faces key votes 9. Juniper scales down service router 10. The mainframe lives! MOST E-MAILED STORY: 15 great, free security programs

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. This newsletter is sponsored by CREDANT Technologies, Inc. Data-at-Rest: Encrypt It, but Prove It Be aware of all mobile devices accessing your data, encrypt them and audit for compliance. It's about more than just encrypting bits on disks--a solution must accommodate workforce dynamics (all devices, users and locations) and easily enforce security rules with no compromise to user experience. Learn four essentials. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007