Hiring managers want security certifications

* Results of the (ISC)2 Global Information Security Workforce Study

In a newsletter last month, I mentioned that security training is expected to be a key growth area in 2005. A recently published survey of security professionals by IDC and sponsored by (ISC)2 adds fuel to this expectation. A whacking 93% of the 2,133 security hiring managers polled said certifications are an important hiring decision.

Furthermore, many of the 5,371 security pros surveyed for the "(ISC)2 Global Information Security Workforce Study" said they hold multiple security-related certifications, including one vendor-neutral and one or more vendor-specific certifications.

IDC predicts that the worldwide population of information security execs will grow to more than 2.1 million pros in 2008 (from 1.15 million in 2003). With those facts in mind, now is the time to seriously begin looking into taking some security courses if you want to be seen as an attractive candidate for security roles.

IDC's survey of 5,371 security professionals across the world was carried out over the summer and paints a revealing picture security execs today. They typically possess an average of 13 years general IT experience, and an average of 7 years of security experience. They receive an average of 10 days of information security-related training each year and carry a variety of titles, including security consultant, security manager, director of security, and CIO.

The research group said it found the security pros polled to be optimistic about the future of their professions, particularly as the economy slides out of its slump. But the respondents say there is room for professional development, and cite the need for additional training and certification in the areas of security management practices, telecoms and network security, and business continuity and disaster recovery planning.

Other nuggets from the report include:

 * A full 42% of the respondents said they are involved in making information security staff hiring decisions; 32% manage their organization's security staff; 21% lead their organization's IT staff.

* While security staffs receive an average of 10 days of relevant training each year, only 27% believed the number of days would increase next year. The majority (60%) believed it would stay the same.

* Responding organizations employ an average of 10 full-time security pros and 5 part-time staff members.

Learn more about this topic


Study: Information security field to grow steadily

IDG News Service, 11/09/04

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2004 IDG Communications, Inc.