A new study conducted by the International Information Systems Security Certification Consortium, or (ISC)2, finds an acute shortage of qualified IT security personnel. That's distressing for enterprise executives, but the upside for security pros is that they have plenty of employment opportunities.
InformationWeek's Matthew J. Schwartz reported, "More than two-thirds of the world's chief information security officers (CISOs) and other c-level executives report that their current information security operations are understaffed, and that it's compromising their company's security. That finding comes from a new study released Monday by information security professional body (ISC)2, and is based on an online survey of 12,000 information security personnel, 14% of whom are C-level managers or officers, at the end of last year. The study was sponsored by (ISC)2 — which counts nearly 90,000 members — and Booz Allen Hamilton, and conducted by Frost & Sullivan."
Sean Michael Kerner with eSecurity Planet added, "The topline result from the study is that most IT security professionals believe their organizations are understaffed. Worse, the situation is stressing out and straining the IT security workforce. Seventy-one percent of the current IT security workforce 'is really feeling the strain,' Hord Tipton, executive director of ISC(2) told eSecurityPlanet. 'I fear it's placing many organizations in danger.'"
CSO's Joan Goodchild noted, "While the shortage is making response time difficult for those in charge, (ISC)2 says it is good news for security professionals who are enjoying stable employment. Over 80 percent of respondents reported no change in employer or employment in the last year, and 58 percent reported receiving a raise in the last year. The number of professionals is projected to grow steady globally by more than 11 percent annually over the next five years, according to (ISC)2 officials."
According to eWeek's Brian Prince, the study also found that "Nearly 70 percent said they view security certifications as a reliable indicator of competency when hiring. In fact, almost half of all hiring companies (46 percent) require certification. Additionally, 60 percent said they plan to acquire certifications in the next 12 months, with the CISSP certification being in top demand."