Content

Me and my job

What changes would you make to your department?

Technology is growing, but budgets seem to remain. If I had to choose one thing, it would be for a bigger budget and more people.

What annoys you?

When one vendor doesn't talk to another to make sure they work in harmony; products that had little to no quality assuarance; malware. It is a shame it is not safe for the average user to surf the web.

How do you describe your job to average people?

No one understands what an information security analyst is. Technically my job is to ensure the safety of our information and computer environment.

What part of your job are you most proud of?

Probably the most notable thing is not choosing mainstream vendors and getting all of our vendors to partner with each other and create products that are integrated for a unified solution (we beta test for all our vendors as this directly benefits us). For example, our intrusion prevention system (IPS) [NitroSecurity] can interface directly with our network access control (NAC) [Bradford Networks], which makes my job a lot easier.

How do you see IT security changing in the future?

Being on the net is like being in the bad part of town. Instead of bars on your house's windows, we have firewalls on our computers' windows. As operating systems like Vista come out, which make it harder for hackers and malware to survive, the hackers and malware will get more sophisticated. Fifteen years ago, we had viruses in DOS, and all you had to do was delete the file. Now we have root kits and alternate data streams, activeX controls and Java exploits, as well as browser hijackings.

 

SKILLS IN DEMAND

Certifications back

Pay for information security certifications is up 4.5 percent since July 2005, and +2.2 percent in first half of 2006. One year ago: 3.5 percent and 4.3 percent declines, respectively.

What about other certs?

122 surveyed IT certifications grew 3.8 percent in the past year, averaging 8.3 percent of base pay for a single certification versus 9 percent for an information security certification.

Will this continue?

Service vendors are hot for consultants with information security skills and willing to pay. Most other industries remain chronically information-security skill-deprived.

Source: Foote Partners 2Q 2006 IT Skills Pay Index

https://www.footepartners.com/htscpi_latest.htm

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.