lunes, 28 de febrero de 2011

The 2011 (ISC)2 Global Information Security Workforce Study

The (ISC)² Global Information Security Workforce Study reflects the opinions of the dynamic information security workforce. It is the largest study of its kind and provides detailed insight into important trends and opportunities within the information security profession. It aims to provide a clear understanding of pay scales, skills gaps, training requirements, corporate hiring practices, security budgets, career progression and corporate attitude toward information security that is of use to companies, hiring managers and information security professionals.  

Some key findings of this year’s study include:
Application vulnerabilities represent the number one threat to organizations. More than 20 percent of information security professionals reported involvement in software development.

Mobile devices were the second highest security concern for the organization, despite an overwhelming number of professionals having policies and tools in place to defend against mobile threats.

Professionals aren’t ready for social media threats. Respondents reported inconsistent policies and protection for end-users visiting social media sites, and just less than 30 percent of respondents had no limits set whatsoever.

A clear skills gap exists that jeopardizes professionals’ ability to protect organizations in the near future. This year’s survey repeatedly illustrates the deployment of new technologies in the enterprise being offset by a demand for more security education on these technologies.

Information security professionals weathered the economic recession very well. Three out of five respondents reported receiving a salary increase in 2010.
Overall, salaries for information security professionals increased, with the Asia-Pacific (APAC) region showing the highest growth at 18 percent since the 2007 study.

Cloud computing illustrates a serious gap between technology implementation and the skills necessary to provide security. More than 50 percent of information security professionals reported having private clouds in place, and more than 40 percent of respondents reported using software as a service, but more than 70 percent of professionals reported the need for new skills to properly secure cloud-based technologies.

Developing countries illustrated opportunities for growth with an experienced and more educated workforce. On average, survey respondents in developing countries only had two fewer years of experience than their developed counterparts. They also spent more time on security management and less time on internal issues than their developed country counterparts.

The information security workforce continues to show signs of strong growth. As of 2010, Frost & Sullivan estimates that there are 2.28 million information security professionals worldwide. This figure is expected to increase to nearly 4.2 million by 2015.

Link relacionado:
- Los departamentos de seguridad no están preparados para las nuevas tecnologías

No hay comentarios: