Article

Q2 2009 data shows IT security certification pay still climbing

Carolyn Gibney, Assistant Site Editor

    Requires Free Membership to View

    Login

[Companies are] starting to look at security as more of a business risk. [They] realize if they don't get their acts together, their reputation suffers, their brand suffers.
David Foote, CEO and Chief Researcher, Foote Partners LLC,
While IT security certifications likely won't improve enterprise security, they may boost a security pro's job security. According to the IT Skills & Certification Pay Survey (.pdf) published by the Vero Beach, Fla.-based Foote Partners LLC, security certifications continued to buck the downward trend of certification pay for the second quarter of 2009.

Of the 11 certifications that gained value during the past three months, six were security related. The GIAC Certified Incident Handler (GCIH) cert was up 11.1% for Q2 and 25% since the beginning of 2009. Other certs that gained significantly were the EC-Council/Certified Hacking Forensics Investigator, the GIAC Certified Incident Manager (GCIM), the GIAC Certified Forensics Analyst (GCFA), the GIAC Certified Intrusion Analyst (GCIA), and the Certified Information Systems Auditor (CISA).

So how is it that, despite the economic turmoil, pay for these certs is still on the rise? "With state laws about public disclosure, [companies are] starting to look at security as more of a business risk. [They] realize if they don't get their acts together, their reputation suffers, their brand suffers." said David Foote, the firm's co-founder, CEO and chief researcher.

Foote said security certs lead all skills categories, both certified and noncertified, with an impressive 2% gain during the past 12 months.

"This is made even more impressive by the loss of 4.1% in value for certifications overall in the same period," he added. "And it's not just regulations, compliance and governance driving the gain. Security has become a key product and service differentiator among customers who are insisting on better protection for their data whether in servers or transported across networks."

For more information
Get advice from the Information Security Career Advisor.

Have a question for the Information Security Career Advisor? Email him here.

Looking to become an information security expert? Read more.
Two of the most widely respected security industry certifications, the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM), neither gained nor declined over the past quarter, but were up 16.7% and 15.4%, respectively, since December 2007. These steady gains are a result, according to Foote, of "companies making serious changes in 2007. [They began to] look at where the risk was [and] realized they were spending way too much money on the perimeter and not enough on data protection. [This is] the third year where companies have been trying to move these budgets to where the risk really is."

Due to this increased demand for and focus on security, Foote said the key to a successful future for security professionals is "understanding the business and where it's heading. The major barrier is that communication between business and security could be a lot better. [In the future] security will not be like a guard with a flashlight and no gun, which is what security is at a lot of companies."


Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top