Information security professionals are among the most stable of tech workers. They are paid well, the majority got raises last year — 20% of them of more than 5%. Plus the demand for security specialists will grow 11% annually for the next five years.
Those are findings from the most recent survey of IT security professionals conducted by (ISC)2, the world’s largest not-for-profit information security professional organization. More than 12,000 members and non-members took part in the biennial Global Information Security Workforce Study, reporting on matters ranging from salaries and workload to their views on the current state of information security and protection.
Among the key findings:
- Average salary globally is $92,835. Salaries in the developed countries of the Americas are among the highest in the world, with 79% of workers earning more than $80,000 annually.
- Worker stability is high; 83% of the global security workforce had no job change in the last year, a percentage virtually unchanged from the previous survey in 2011. Only 11% reported leaving a job for another employer in the last year.
- Both staff tech security specialists and C-suite executives agree their organizations have too few workers doing the job. Remarkably, more executives believe that — two-thirds of the respondents — than do the workers themselves (56%).
- One reason for the under-staffing: a shortage of qualified workers. Security analysts, said 47% of respondents, topped the list, followed by security engineering-planning and design (3%), and security auditor (31%).
- 30% of all respondents, and 34% of executives expect spending on personnel to increase this year, while about the same percent of respondents expect increases for training and education.
In hiring security specialists, technical knowledge is essential as might be predicted, but even more important, the survey found, is a broad understanding of the security field and communication skills. Respondents in different industries ranked some skills differently, but across the world technical and communication skills and a broad understanding of the field always ranked in the top three.
The survey also asked the world’s security specialists what most worries them. Hackers, state-sponsored spying, which has been much in the news recently, and cyber-terrorism all made the list, but not at the top. Of most concern is the vulnerability of the various applications and programs — many of them commercially popular products most of us use. Next is the malware Internet users get tricked into downloading, followed by mobile devices and internal users, meaning company employees.