How Secure Is the Cyber-Security Profession?

By Samuel Greengard
  • Previous
    How Secure Is the Cyber-Security Profession?

    How Secure Is the Cyber-Security Profession?

    Many information security professionals reported that they do not have a clearly defined career path, nor a plan to take their career to the next level.

With cyber-breaches and cyber-security in the news on a daily basis—and demand for security experts on the rise—one would think that the field would deliver a robust career path. However, according to an October 2016 report from the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG), "The State of Cyber-Security Professional Careers," this simply isn't the case. The two organizations polled 437 information security professionals located in all regions of the world and found that industry rhetoric doesn't necessarily match reality. Many cyber-security pros aren't sure how to proceed with their career path; many aren't receiving the training they desire or need; relationships between business, IT and security teams are lacking; and too many organizations accept "good enough" rather than very good security. Moreover, many organizations are using a broken model. Among other things, many security executives are not getting enough face time in the boardroom—a significant factor that contributes to turnover. And organizations are struggling with internal relationships among the cyber-security, line of business and IT teams. Here's a look at some of the key findings from the report, along with how these factors are affecting security careers.

This article was originally published on 2016-11-16
Samuel Greengard writes about business and technology for Baseline, CIO Insight and other publications. His most recent book is The Internet of Things (MIT Press, 2015).
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.