Security Salaries, Hiring Grew During Lean 2009

SAN FRANCISCO -- RSA Conference 2010 -- For almost every industry and profession, 2009 was one of the worst economic periods in recent memory. But for security professionals, things weren't too bad, according to a study published here this week.

(ISC)2, the international security professionals' association, released the results of its annual member study, which shows both salary and hiring in the security industry going strong despite the economy.

More than half of the security pros surveyed (55.1 percent in the U.S.) received salary increases in 2009, according to (ISC)2. Less than 11 percent saw their salaries and/or benefits cut, while 4.8 percent were laid off by their employers.

Of the 800-plus respondents who identified themselves as having hiring responsibilities, more than half (53.3 percent) said they are looking to hire permanent and/or contract employees in 2010. In the U.S., this is an improvement over the previous year's survey, when 44.5 percent of hiring managers said they expected to be hiring in the second half of 2009.

Of those hiring, 40 percent said they will be hiring three or more information security professionals this year, compared to the 2009 survey, in which just 13.1 percent said they would be hiring three or more new permanent or contract employees. More than 90 percent of hiring managers globally said their biggest hiring challenges are finding candidates with the right skills and level of experience.

In a recent study, the research firm Frost & Sullivan predicted 2.7 million IT security jobs would be posted in 2010, according to W. Hord Tipton, executive director for (ISC)2. "But there are only about 1.7 million in the workforce now," Tipton said. "There aren't enough qualified people out there."

Approximately 54 percent of respondents expect no personnel reductions or layoffs in their security staffs for 2010; about 20 percent expect additional layoffs, compared to 40 percent of respondents in the previous year.

In the U.S., 34.2 percent of respondents believe the economic downturn is causing an increased security risk within their organizations, according to the study. Thirty-seven percent identified outside attacks from hackers as the most common security risk attributed to the economic downturn.

Employee misconduct is considered the most common risk globally by 37.7 percent of respondents, who believe there is an increased security risk in their organizations.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message