IT Security & Network Security News & Reviews: Enterprise Security: Critical Skills Needed, Survey Says
Enterprise Security: Critical Skills Needed, Survey Says
by Brian Prince
Frost & Sullivan estimated the number of IS professionals worldwide in 2010 at about 2.28 million. This figure is expected to rise to nearly 4.24 million by 2015, with the Asia-Pacific, Europe, Middle East, and Africa regions seeing significant growth.
Many items on this list will sound familiar. Application vulnerabilities pose a challenge for many organizations, as does the growth of mobile devices. More than 70 percent of those surveyed said that more than 25 percent of their employees have mobile devices. Managing these devices translated into 65 percent of respondents from the Americas classifying the mobile threat as very to somewhat.
Mobile Management Policies
Concern about mobile devices is leading to widespread adoption of policies for unmanaged devices. In addition, many respondents said they have technology in place to secure mobile devices, with 71 percent indicating they use encryption and 59 percent stating they use network access control.
Cloud Computing on the Menu
Enterprises are pursuing cloud computing despite some trepidation. But those fears, the survey showed, are real, with 85 percent of respondents being concerned about the exposure of sensitive data and the majority saying new skills are needed to secure the environment.
Web 2.0 in the Enterprise
Many organizations are embracing social media, from Facebook to LinkedIn to blogs. About 28 percent of those surveyed said they have no restrictions on accessing such sites.
IT Certifications and Education
Respondents were optimistic the amount of money spent on training, education and certification would push upward in 2011-a good thing, since 44 percent of respondents worldwide (and 45 percent in the Americas) said classified security certifications are very important.
Salary Differences by Region
Salaries continue to climb in developed countries, while average salaries in developing countries are still relatively low. However, the level of experience among those surveyed who were from developing nations versus developed nations only differed by two years (10 years of experience as opposed to 12 worldwide).
Security pros identified a number of areas where additional training and education was needed, chief among them being information risk management and application security.
What Is Needed
IS professionals believe there are certain things that are necessary to make a strong security posture. This starts with management support of security policies but also includes getting users on board with security practices.