Establishing Digital Trust: Don't Sacrifice Security for Convenience
''Everybody is scared to death with what is going on with viruses, spam, denial-of-serviceattacks,'' says Dan Woolley, a vice president at Computer Associates International Inc.''They're trying to figure out what is happening and how to protect themselves from it. Thatsecurity has become a hot job doesn't surprise me at all.''
It also didn't surprise the analysts at Challenger, Gray & Christmas, a global outplacementfirm based in Chicago, who put chief security officers and other security specialists highon its list of Hottest Jobs in 2004. The only other IT-related job that made the Top 10 listwas IT consultant. Other jobs that made the list include pharmacist, accountant,investigator and nurse.
Security also found its way onto the analysts' list of Hottest Industries in 2004.''As privacy rights become a greater concern and worries persist about terrorism and theease of using the growing network of computers to commit crimes, the demand for securitywork in all capacities will keep increasing,'' Challenger, Gray & Christmas reports. Butanalysts there also add that being a hot job doesn't necessarily translate into being aneasy one to obtain.
Even with hiring increases in these areas, it will not be easy to obtain a job,'' says JohnChallenger, CEO of the outplacement firm. ''Special skills are required in several areas andcompetition is increasing dramatically. Many people overlook the fact that they arecompeting with older workers who are returning to the workforce, as well as collegegraduates just entering the workforce.''
Woolley, a longtime player in the IT security industry, notes that three years after thedot-com bubble burst leading into the beginning of a recession, there are a lot of IT peoplelooking for work right now. But not all of them have the technical chops to handle ITsecurity.
''CIOs are saying they can't find enough security people,'' says Woolley. ''We've gotpatching and legislative controls, and perimeter and inside issues. We just can't findenough security people to do the work. You've got lots of IT people but a lot of them aren'ttrained in security. When it comes down to the nitty gritty of securing corporateinformation, there are not a lot of them out there.
''There is a real need for down-and-dirty security people,'' he adds. ''People who candeploy firewalls, upgrade systems, remediate environments that have been hit with breeches,and can get patches updated,''
Gordon Haff, an analyst at Illuminata, an industry analyst firm based in Nashua, N.H., sayshiring managers need to be careful when it comes time to finding IT security specialists.
''People with a real deep expertise in security are a rare commodity,'' says Haff. ''It's arather involved and complex field. You have people calling themselves security experts andthey really aren't. It behooves a company to hire people who have been carefully checkedout, particularly when the implications of properly implementing security are so severe.''
Graham Cluley, a senior technology consultant for Sophos, Inc., an anti-virus company basedin Lynnfield, Mass., says IT security is a good field for technical people to get into butit won't be an easy ride.
''I certainly think it's true that in a time of recession when companies are cutting back,they can't afford to cut back on security,'' says Cluley. ''So IT security is a good area tolook into. But it's different from going around and checking printers. It's an excitingarea, but you have to be on top of it -- the viruses, the patches, the technology -- all thetime.''