What do you think needs more attention from the industry?
Two items that demand much more attention are data architectures and compliance with standards that have been commonplace in other industries for years, if not decades.

Deficiencies in these two areas make the cost of technology implementation unnecessarily high and complicated, sometimes beyond resolution or our ability to integrate systems and information.

What annoys you most in the industry?
I grow a bit impatient with people who read a few things on the internet and present themselves as experts on a subject. At minimum, they waste a lot of time and too often they drive bad decisions.

How do you describe your job to average people?
When they ask, I tell them I play with computers for hospitals. If they are interested in more detail, they will usually ask questions and I follow their lead.

What would you use a magic IT security wand for?
To change the culture and attitudes; to get people to understand it is no more intrusive to follow good security practices than it is to wash your hands before a meal.

What security threats do you consider to be overblown?


Certifications declining
Pay for information security certifications may have declined 1.2 percent in 2006, but they're still earning certificants an average 8.7 percent of base salary per certification. That's better than most other certification categories.

What about other certs?
129 surveyed IT certifications fell 0.2 percent in the past year, averaging 8.2 percent of base pay for a single certification.

And noncertified IT skills?
IT skills are soaring in value, averaging seven percent growth in 2006. Top dogs: Applications and web/ecommerce development skills.

Source: Foote Partners IT Skills Pay Index