Business & Finance
08:04 PM
Connect Directly
Repost This

Information Security Salaries Rise

Information security pros with bachelor's degrees don't get any more money than high school grads, but a master's or doctorate is convertible to higher salaries, according to the study. Moreover, communications skills rate more important than technical skills for career advancement.

A new study released today confirms that there is indeed a growing market for IS expertise.

Alan Paller, director of research at The SANS Institute, a respected IT research and education organization, suggests that people "are waking up to the fact that there’s a shortage of security talent."

The SANS Institute’s 2005 Information Security Salary and Career Advancement study of over 4,250 IS pros finds that compensation for IS jobs is strong and growing. For U.S. IS professionals, the median income, including bonuses, is now $81,558. In Great Britain, it’s $76,389. In Canada, it’s $67,982. In the rest of the world, it’s $51,250.

Paller says his organization has not conducted a salary survey since 2002 because it didn’t want to “pile on” during a time when salaries were under pressure. But he contends salaries in 2005 were significantly higher than three years earlier.

An infosec salary survey released in 2003 by Foote Partners LLC noted that compensation declined the previous year. The Foote survey found that in the fourth quarter of 2002, the overall base salaries for some 100 IT positions declined by an average of 2.8 percent from the fourth quarter of 2001. Yet even so, during this period salaries for corporate security positions rose an average of 5.5 percent, suggesting that even in bad times, good security remains a valuable commodity.

One noteworthy finding in the SANS study is that there’s essentially no difference in terms of compensation between IS workers with high school degrees and those with bachelor’s degrees. However, those with advanced degrees -- a Master’s or Doctorate – can expect to earn significantly more than those with lesser academic credentials.

Another finding of note: certifications from The International Information Systems Security Certification Consortium, Inc. (ISC) and the Information Systems Audit and Control Association (ISACA) translate into greater earnings than other certifications, such as those bestowed by individual vendors like Microsoft or Cisco.

Respondents indicated that those certifications offered an edge in management or policy-centric jobs -- typically highly paid positions. But for hands-on security, survey takers said the Global Information Assurance Certification (GIAC), administered by SANS, and certifications offered by vendors were more advantageous.

Paller interprets this as an indication that there’s no substitute for real world experience. “You can’t become a pilot by studying airplanes,” he says, suggesting that employers should be wary of computer security pros who have never wrestled with securing actual systems.

Perhaps the most unexpected finding, according to Paller, is that those taking the survey rated communication skills, both verbal and written, as more important than technical knowledge in terms of career advancement.

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.