The results from (ISC)2, which has over 80,000 members in more than 135 countries, are from its third survey tracking the impact of the economic climate on cyber security salaries, hiring outlook, budgets, threats and more. More than 2,250 security professionals participated.
Of the respondents, 72 percent said that in 2011, their organization hired individuals specifically for information security roles. Additionally, a majority of respondents - 62 percent - reported they are looking to hire additional permanent or contract information security employees in 2012.
Of those hiring, 81 percent said an understanding of information security concepts is an important factor in their hiring decisions. Other top factors included directly related experience (72 percent) and technical skills (76 percent).
Additionally, hiring managers identified the top skills they are looking for: operations security (55 percent), security management practices (52 percent), access control systems/methodology (51 percent), security architecture/models (50 percent), risk management (49 percent), telecom/network security (45 percent), applications/system development security (44 percent) and cloud/virtualization (35 percent).
“This is good news in a gloomy economic climate,” commented Richard Nealon, member of the (ISC)2 Board of Directors. “With demand outstripping supply, there is real opportunity to forge a rewarding career, even for newcomers who may not have considered the possibilities, as employers seek to meet their needs. I believe the base requirement is passion and a genuine interest for what you are doing, personal integrity, an inquiring mind, and a small modicum of common sense. The rest can be developed.”
“These results from our latest Career Impact Survey demonstrate that even in tough economic times, information security professionals are in high demand by hiring managers and organisations who understand that their skillsets are not only paramount to their organization’s ability to conduct business, but also give them a competitive advantage,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC)2. “This data reflects the increase in security breaches we saw throughout 2011 and the fact that organisations, both in the public and private sector, are finally realising the importance of implementing sound security programs that should be run by experienced and qualified professionals.”
Tipton added, “Security is an ever-changing field that requires professionals to expand constantly upon their knowledge of today’s advanced threats. Just as importantly, this field also calls for hands-on experience and the business know-how to implement robust security practices across an organisation. While it’s a very positive sign that this field continues to grow and is somewhat ‘recession-proof,’ one of the biggest challenges that remains is finding enough of the right people with the appropriate security skills to fill the huge void that exists right now. We must continue to build this workforce at an aggressive pace.”