Highly experienced professionals are very hard to find, as enterprises have to go through lengthy processes to hire security experts who, although very experienced, are rather rare. Organizations that work with more than 2000 members report increases in salary and number opportunities to grow and ascend for trained and experienced security professionals, despite the slow economic environment. These are the key findings of the (ISC)2 2012 Career Impact Survey.
According to the survey, 96% of security professinals are currently employed and only as low as 7% of information security professionals were unemployed at any point during the last year. Moreover, over 70% or respondents received a salary increase in 2011 and more than half expect to receive an increase in 2012. More than half of those who changed jobs said they did so because they had opportunities for advancement. Read more
A recently published study shows that database administrators don’t fully understand security. According to these fresh findings, database administrators and IT decision-makers in general admit to knowing very little about security issues like change control, patch management, auditing etc. This survey was conducted on 214 Sybase administrators belonging to the International Sybase User Group.
“A majority of respondents admit that there are multiple copies of their production data, but many do not have direct control over the security of this information,” the survey report stated. “Only one out of five take proactive measures to mask or shield this data from prying eyes.”
According to the report’s author, Unisphere Research analyst Joe McKendrick, the ISUG survey is the first released of a series of similar database security surveys being conducted across various database user groups, including those running other platforms such as Oracle and SQL Server. Read more
A recent survey by Forrester Research shows that the lack of qualified security staff is one of the main reasons IT managers cannot successfully secure the enterprise. Their survey of over 2,000 IT executives in the US, UK, Canada, France and Germany found that one of the key problems behind corporate IT security is getting qualified staff to do the job.Almost half of the It managers in the US and Europe are dealing with this issue.
“Security leaders feel that they simply don’t have enough staff to carry out day-to-day tactical activities while adjusting to major business and IT shifts and changing threats,” said Forrester principal analyst Khalid Kark.
If any manager out there was still wondering if their employees would actually steal company data, the answer is here. Yes, they would, although they know it’s illegal. And while most companies know the main threats that can lead to data theft are insiders, they do little to nothing about it. This is the Dark Reading conclusion after putting together two separate surveys conducted by security vendors.
One of the researches surveyed over 600 employees from the financial districts in New York, USA, and London UK. A lot of respondents admitted they had no problem taking work home and then keeping it for their own benefit. While the overwhelming majority knows this would be illegal, some had already taken confidential data to a new job and others said they would share such data at any time with friends or family if that would help them get hired in a better position. There are also those who would just take the private data just in case, as a long term insurance policy. Read more
According to recently released data, US mid-sized companies are more concerned about information security than cutting down costs. The survey conducted by Arrow Electronics Inc collected data from 200 US companies with annual revenues from less than $ 100 million to over 1 billion. 80% identified security as a top business issue, while only 60% referred to cost reduction and 64% target improving their customer service.
Although they admit IT security is of utmost importance, few are satisfied with the level of security already implemented in their mid-sized businesses. Only 32 percent of respondents said their company is properly handling all threats. That leaves 68% of companies concerned, yet highly vulnerable.
Yet the 32% might also be quite vulnerable to all kinds of threats, as shown by David Vellante, co-founder and principal contributor of the Wikibon user group. His statement, quoted by Dark Reading, shown these respondents are only unaware of what’s really at stake.
”I believe that the 32 percent of respondents that are ‘very satisfied’ with how their company is addressing security concerns are deluding themselves — they should wake up and smell the coffee,” wrote Vellante. “As an industry, since 2000 we’ve spent billions on security in the form of virus protection, network security, firewalls and other infrastructure… do you feel more secure? No way!”