IT Security: Increase in Both Complexity & Career Opportunities

IT SecurityResearch has highlighted that keeping systems secure is more difficult than it was a year ago. Yet at the same time, IT security professionals are incredibly hard to find, opening the door to plenty of IT security career opportunities.

ESG Research has shown that 25 per cent of enterprise and mid-market organisations claim that they have a problematic shortage of IT security skills, which was a higher percentage than any other individual IT category. Furthermore, 42 per cent of organisations that are planning to add IT headcount in 2014 say they will hire IT security professionals, which was also the highest percentage of all IT skill sets.

This security skills deficit comes at a critical time. According to a new study by KnowBe4, a security awareness training provider, 51 per cent of the surveyed IT Managers find security harder to maintain now than last year, while 40 per cent find it is about the same. The rise of ransomware, rapid technology advances and the adoption of BYOD create a greater challenge for businesses to guard themselves against the numerous internal and external threats. As more companies are embracing mobile technology, these threats are only set to grow.

“To maintain security, every company should adopt the ‘defense-in-depth’ strategy and create a strong first layer that includes up-to-date security policies, procedures and security awareness training as this affects every aspect of an organisation’s security profile,” says Stu Sjouwerman, CEO and Founder of KnowBe4.

Break into the IT Security Field

With more organisations planning to hire IT security professionals than any other role within IT, many IT pros that already have a career in system or network administration are tempted to make the switch into IT security. In order to help you, we have listed some resources to help you to break into the field.

An important first step to take when you are just starting your career in information security is to gain the education and training looked for by potential employers. If you already work as an IT professional and hold a degree in computer science or in network administration, you might already have enough knowledge to snap up an IT security job. However, some colleges and universities also offer degrees that are aimed specifically at preparing security experts. Some of them even offer online courses, such as the Stanford Advanced Computer Security Certificate program.

Furthermore, additional certification can help you get past the HR gatekeeper. There are several vendor-neutral security certificates available, including: (ISC)2 Certified Information Systems Security Professional (CISSP), which is one of the most well-regarded entry-level certifications in the industry; and Global Information Assurance Certification (GIAC) Security Essentials (GSEC). As a starter, you may also want to look into taking the CompTIA’s popular Security+, which addresses most of the major IT security topics such as cryptography and access control. Of course, these are just a start and there are many other vendor-neutral as well as vendor-specific certifications for you to choose from and to become more specialised in the field.

If you are already a working security professional, subscribing to mailing lists such as the SANS newsletters are indispensable when you want to keep up-to-date. You could also have a look on SecLists, which hosts the archives of many other popular mailing lists. Additionally, regularly attend conferences such as the RSA Conference or Cisco Live!, and follow other security professionals on social network sites such as LinkedIn and Twitter.

Post a Comment

Your email address will not be published.