Post Mon Jul 09, 2007 12:06 pm

Security Specialists (and those with certs) See Salaries Rise

I thought this would be of particular interest to our readers:

Demand for highly trained and certified I.T. security professionals is forcing CIOs and I.T. managers to shell out higher salaries, and to adjust their budgets to meet the increased security expectations of their customers and their executive management teams.

In the past six months, salaries for certified I.T. workers rose 2%, bucking a year-long trend in declining pay for I.T. certifications, according to a report issued this week by I.T. workforce research firm Foote Partners.


Whether it's vendor-sponsored certification from the likes of Cisco, IBM, Hewlett-Packard, Microsoft and Oracle, or independent organizations such as the International Information Systems Security Certification Consortium or The SANS Institute, companies are fighting among themselves to keep and attract systems administrators and database analysts who have the ideal blend of technical expertise and security acumen.

"In the past, we'd ask CIOs if their companies were taking steps to strengthen security in the wake of high-profile identity and data theft incidents, and about 34% of them weren't," says David Foote, the report's author. "They need highly credentialed people to deal with deadly security issues, but some of them seemed to be ignoring the problem. That's odd, because I.T. usually never ignores anything."

In the immediate aftermath of the Sept. 11 terrorist attacks, I.T. organizations bolstered their stables with certified security specialists to protect their systems from possible attacks on their physical infrastructure as well as their business-critical information networks. But as time went on, business reality changed their focus to hiring I.T. specialists who were highly trained in vendor-specific applications and systems like Microsoft .NET, Java and Unix, and not necessarily security-specific certification.

But with every new and more insidious data or identify theft incident, customers who don't want to end up on the front page of The New York Times or The Wall Street Journal are demanding higher levels of security certification from their vendors as well as their suppliers.

Just days ago, Fidelity National Information Services revealed that the personal information of more than 2.3 million people had been stolen from its database by a wayward employee. The breach occurred at Certegy Check Services, a company that handles check and credit card monitoring for merchants and casinos.

In January, thieves made off with more than 45 million credit and debit card numbers from retailer TJ Maxx in the largest personal data breach ever recorded.

"For several years, we saw that certification was losing its value," Foote says. "But right now, the only segment of I.T. salaries that's showing any growth over the last six months is security certification."

Copyright (c) 2007 Ziff Davis Media Inc. All Rights Reserved.


Original story:
http://www.baselinemag.com/article2/0,1 ... 910,00.asp

Don
CISSP, MCSE, CSTA, Security+ SME