Government // Cybersecurity
Commentary
1/17/2014
11:03 AM
Mark Aiello
Mark Aiello
Commentary
50%
50%

3 Reasons Security Pros Are In The Driverís Seat Now

The coming weeks are the perfect time to ask for a raise or find the job of your dreams. Don't let a perfect storm of security problems go to waste.

The month of January is to IT staffing pros as the weeks before the MLB draft are to scouts. In a word, crazy. This traditionally kicks off the biggest hiring wave of the year, second only to September. It’s human nature to return from the holiday break with business-related New Year’s resolutions and the positivity of a Red Sox fan on the first day of spring training.

This is when optimism is at its highest. Take advantage of the wave. January is also when most budgets open up. Like a pitcher signing early to miss running into salary caps, don’t wait until the money runs dry. Yes, the InformationWeek 2014 IT Budget Survey shows almost 60% of respondents’ organizations will resource IT to meet demand increases. Demand for security is only going up. Still, there's no percentage in waiting.

If you need a shot of confidence, here are three points to consider:

The Target breach is mainstream news
Remember the line from It’s a Wonderful Life: “Every time a bell rings, an angel gets his wings.”  Well I say, “Every time there’s a data breach, a cyber-security professional gets a raise.” Now, it’s not that we’re looking to profit from misfortune. But it unfortunately often takes a “that could be us” moment to make the business recognize valuable contributors. You don’t get much more stark reminders than the ongoing Target/Neiman Marcus fiasco. As the costs continue to rack up on their way to a reported $500 million or more, corporations big and small see the brand damage that can be caused by a breach.

But don’t be fooled that the awareness level will stay high. We are a forgetful and forgiving society. Carpe diem.

[In the 17 years since we began the InformationWeek U.S. IT Salary Survey, more than 200,000 IT professionals have completed the questionnaire. Take part in the 2014 U.S. IT Salary Survey -- it's a great way to prepare for your next salary review, or that of the people you manage. Survey ends Feb. 21.]

Congress is (sort of) doing its job, and the government’s hiring
Federal and state government hiring of cyber-security pros is going through the roof right now. The pending fiscal year 2014 budget deal rolls back some sequestration cuts, and turmoil at the NSA is ongoing. If you’ve got proven experience and a government clearance, you can almost name your price. Don’t think you have to work directly for the government. Many contractors have won awards to provide a variety of cyber-security services. I’ve talked to firms that must leave money on the table because they can’t find the talent to do the work. Strike while the budget deal is hot.

2014 IT Budget Reality: Businesses Will Pay Up

Successful base stealing is 90% being ready to move
If you’re on the hunt for a new gig, check out one of my previous columns for tips. If you’re not looking, trust me, some of your colleagues are. I can almost guarantee that a few of your peers and maybe supervisors will make job changes this month. It’s like a week before the trade deadline — you never know what’ll happen. That shakeup just might provide the opportunity you’ve been waiting for. Watch, listen, network internally, and pounce on openings. Just because the previous owner quit does not mean the job is a dead end or overworked and underpaid. Even if it is, why can’t you work with your company to fix the problems? HR will almost certainly be open to negotiation, given the cost and risk of hiring a new security staffer.

Mark Aiello is President of Cyber 360 Solutions, a cyber-security professional services and staffing firm headquartered in Boston.

Can the trendy tech strategy of DevOps really bring peace between developers and IT operations -- and deliver faster, more reliable app creation and delivery? Also in the DevOps Challenge issue of InformationWeek: Execs charting digital business strategies can't afford to take Internet connectivity for granted.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mark Aiello
50%
50%
Mark Aiello,
User Rank: Strategist
1/20/2014 | 3:48:59 PM
Re: IT Recruiting
Than, thanks for the response.  Your advice is spot on.
tnguyengp
50%
50%
tnguyengp,
User Rank: Apprentice
1/18/2014 | 5:18:00 PM
IT Recruiting
In working with IT headhunters, I find that most IT professionals make the mistake of thinking that their hard technical skills are going to be the main thing that companies are looking for. While mastery of IT knowledge and skills are certainly important, it usually doesn't end up being the primary differentiator. What makes a candidate stand out to those is their ability to add value, consistently come up with solutions that can save time and/or money, and make a positive contribution to the company culture.

Than Nguyen

http://www.insourcegroup.com
Laurianne
50%
50%
Laurianne,
User Rank: Author
1/17/2014 | 3:17:12 PM
Re: Opportunity or Black Mark?
Thanks Mark. Thoughtful post. I would certainly be talking Target if I was interviewing for a security job right now.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
1/17/2014 | 12:39:48 PM
Re: Opportunity or Black Mark?
That's a great point. It's not security products alone that stop attackers, it's the people. A company could spend millions on the latest point product, but without a smart plan, it's out the window.
Mark Aiello
50%
50%
Mark Aiello,
User Rank: Strategist
1/17/2014 | 12:06:29 PM
Re: Opportunity or Black Mark?
I think every breach is an opportunity for Cybersecurity Pros.  Sometimes it takes a disaster in order to recognize the unsung heroes.  My hope is that corporations begin to take notice that the people guarding their assets are as (or more) important as the technology.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
1/17/2014 | 12:01:41 PM
Re: Opportunity or Black Mark?
Thats similar to the problems people have in the repair industry. If you fix things well enough, they won't break down again for a long time and that means you don't get paid. 
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
1/17/2014 | 11:32:25 AM
Opportunity or Black Mark?
Is the Target breach an opportunity for security pros, or yet another perceived black mark? Executives don't like security. It's a cost center, it's a drag on new business opportunities, and it can fail spectactularly. I'm not saying this is a fair characterization of the security profession. It's not.

My guess is that in the eyes of your average CEO, the Target breach doesn't emphasize the value of security. It says "Look at how they screwed up again." That doesn't sound like a great time to ask for a raise.

IT security teams are in a tough position. The business doesn't notice security when it's doing its job, because its job is to make sure nothing happens. The only time security is visible is when something has gone wrong.
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 16, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.