Career Trends Survey Results: 2010 Promises New Roles, New Skills1st Annual Survey Taps Risk Management, Cybersecurity, Fraud/Forensics as Growth Areas Across Industries
How will professionals grow their skills - and will their employers foot the bill?
What are the minimum academic and professional requirements for information security professionals and leaders today?
These are among the key questions answered in the first annual Information Security Today Career Trends survey. The goal of the research: to create the benchmark for information security careers - where the jobs are and what's required to fill them.
The challenge: to create this benchmark at a time when the economy is recovering, the threat landscape is shifting and organizations are re-setting their information security priorities.
But then this survey also takes advantage of a unique opportunity: Led by President Obama, the U.S. has embraced cybersecurity as a national priority, and as such the nation's businesses, academic institutions and government agencies are focused as never before on information security and assurance. There is no better time to benchmark information security careers. And, frankly, there might not be a better time to start - or re-start - one.
There are three key findings from this inaugural study:
Risk Management, Cybersecurity, Fraud/Forensics are Top PrioritiesNo matter how you ask the question - "What skills are required?" "What training will you seek?" "What are the top 3 concerns for CISOs?" - the answer consistently comes back to risk management, cybersecurity and fraud/forensics investigations. These topics emerge among the top choices of skills, studies and job opportunities in 2010.
Information Security Professionals Want New Skills - and Organizations Will Foot the BillConventional wisdom is that when economic times get tough, training budgets take the biggest hit. But survey results tell a different story: that 42% of respondents will seek academic training in 2010; 62% will seek new certifications; and a whopping 79% of their organizations continue to fund that training at least partially.
Schools, Professional Groups Stand to Benefit in 2010Committed to growing their professional competencies, information security professionals will invest their time and resources in certifications bodies, professional organization and academic institutions in 2010. Asked what kind of training they intend to pursue, 62% choose certifications bodies, while 54% say professional groups and 43% select schools. No surprise: People work crazy hours these days, and so 53% of respondents say they prefer a mix of online and face-to-face training.
Some other interesting takeaways from each of our major survey categories:
- Education - 23% of respondents say a graduate degree is now the minimum requirement for entering the information security profession;
- Background Checks - At a time when we're continually told that we're at greatest risk of insider crimes, only 26% of respondents say they have undergone a background check in the past five years.
- Leadership - Asked where senior security leaders are recruited, only 34% of respondents say "promoted from within." 46% say their leaders are recruited externally.
About This Survey
This study was conducted electronically by Information Security Media Group (ISMG) in September 2009.
In all, there were 255 respondents, 47% of them from financial institutions, 12% from government, 9% from consulting and 9% from technology. When you look at the breakdown of respondents by role and responsibility, you see:
- 34% compliance or technology professionals;
- 14% in senior management;
- 37% have been in their current role 1-3 years;
The main objective of the survey was to benchmark 2010 trends in information security careers across industries. The survey was constructed specifically to assess:
- Background - The academic, security and business background of today's information security professionals;
- Duties and Critical Skills - The roles these professionals are filling today - and will be asked to fill tomorrow;
- Training Strategies - What they need - advanced degrees, industry certifications, business experience - and where they turn to get ahead;
- Hot Jobs - Employment trends for security professionals;
- The Next Level - Leadership requirements for security leaders seeking advancement.
Additional InsightsFor analysis on the survey results and what they mean for information security professionals in 2010, please be sure to check out:
- Podcast Interview - with Barbara Massa of McAfee Inc., one of the survey sponsors, discussing the main takeaways for career-minded pros.
- Survey Results Webinar - in which Tom Field, editorial director of ISMG, walks through the key results, then discusses them with industry and academic luminaries, including Massa, Patrick Howard of the Nuclear Regulatory Commission and John Rossi of National Defense University.