• United States

IT security staffing

Sep 23, 20032 mins
Enterprise ApplicationsSecurity

* ITAA survey shows employers experiencing difficulty finding information security pros

PUBLISHER’S NOTE: Please note that, as of 9/29/03, all of your valued Network World Fusion newsletters will be delivered to you from If you use filters to manage your newsletters based on domain name, please adjust accordingly.

Despite the number of people looking for IT work, a new survey from the Information Technology Association of America shows that employers are having trouble finding information security pros.

Conducted in August and based on responses from 50 IT firms, the ITAA research uncovers a significant level of dissatisfaction in the ability of companies to hire information security workers. Companies find it difficult to quantify technical skills, according to 54% of respondents, while 43% say job candidates lack sufficient hands-on experience. Another third say their companies lack standards to evaluate potential employees against job responsibilities.

The ITAA, a trade association of high-tech firms, points to the study results as reason for the government to appropriate funds for the Cybersecurity Research and Development Act to increase the pool of trained applicants for IT security jobs.

“With the proliferation of Internet worms and other malicious codes, I find it troubling that information technology companies report difficulty in hiring information security professionals,” says Harris Miller, ITAA president. “If IT firms are having this trouble, I suspect that the problem affects all industries and detracts from efforts to shore up the nation’s cyber security defenses.”

Here are some of the survey highlights:

* Senior security pros are among the most difficult to find, with 70% of respondents reporting trouble hiring those with five to eight years of experience and 66% have difficulty finding experts with even greater experience.

* The most effective technique for finding security pros is to hire from within, according to 68% of respondents. More than half – 52% – also use word of mouth.

* Among security certifications, 73% of respondents said the Certified Information Security Systems Professional (CISSP) has the most clout.

* Candidates lack soft skills, say 36% of surveyed companies, who put the most emphasis on the ability to work in a group environment and communicate verbally.

For more information about the ITAA, go to