IT security pros are needed most, hardest to find


IT security professionals are among the most in-demand in the IT job market this year, but hiring managers will have a difficult time luring these workers away from their current employers. Not only are IT security pros well paid, they are among the most stable IT workers in the industry.

Those are among the findings of the recent Global Information Security Workforce Study by (ISC)2, the largest not-for-profit information security professional organization. (ISC)2 recently surveyed more than 12,000 members and non-members on a variety of topics ranging from salaries and workloads, to the current state of information security and protection.

"Information security professionals are among the most stable of tech workers," notes an article at "They are paid well--the majority got raises last year--20 percent of them more than 5 percent. Plus the demand for security specialists will grow 11 percent annually for the next five years."

According to the (ISC)2 study:

  • The average salary for an information security professional globally is "92,835. Salaries in the developed countries of the Americas are among the highest in the world, with 79 percent of workers earning more than $80,000 annually.
  • Worker stability for IT security pros is very high: 83 percent of the global security workforce had no job change in the last year. Only 11 percent reported leaving a job for another employer within the past 12 months.
  • Both staff IT security specialists and C-suite executives are in agreement that their organizations have too few security pros on staff. Interestingly, executives are more likely to think that way (cited by two-thirds) as opposed to IT security workers themselves (cited by 56 percent).
  • One reason for the under-staffing is a reported shortage of qualified IT security pros in the job market. Security analysts top the list (cited by 46 percent), followed by security engineering-planning and design (cited by 33 percent) and security auditor (cited by 31 percent)
  • 30 percent of all respondents and 34 percent of executives said they expect spending on IT security professionals to increase this year. Approximately the same percentages said they expect increases for training and education of these professionals.

The (ISC)2 study findings are confirmed by recent research from esg-global.

"Of those organizations planning on adding new IT staff positions in 2014, 42 percent say they will increase headcount in information security. This is the highest percentage of all IT skill sets," notes research author Jon Oltsik.

But again, the esg-research findings confirm that finding IT security professionals in the job market will not be an easy task this year.

"Twenty-five percent of all organizations surveyed claimed that they have a 'problematic shortage' of information security skills at their organizations," Oltsik says. "Once again, this was a higher percentage than any other individual IT category."

Esg-research also took a look at how severe the shortage of IT security professionals was within specific industries. Those industries reporting the most severe "problematic shortages" were:

  1. Government organizations (cited by 36 percent)
  2. Manufacturing organizations (cited by 29 percent)
  3. Financial services (cited by 28 percent)
  4. Retail/wholesale organizations (cited by 27 percent)
  5. Healthcare organizations (cited by 22 percent)

Read more:
- check out the Global Information Security Workforce Study
- see the article
- read the esg-global blog

Related Articles:
California launches cyber-attack awareness campaign
Majority of IT pros assume their networks have or will be compromised [FierceITSecurity]
New studies confirm IT security vulnerabilities