Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The CSO security career survival guide

George V. Hulme | March 27, 2015
There is little doubt cybersecurity is a hot career path right now. According to labor analytics firm Burning Glass, cybersecurity job postings grew 74% from 2007 through 2013 – a rate of growth that was twice as rapid as all IT jobs combined. And demand for cyber information security positions certainly hasn't let up since.

There is little doubt cybersecurity is a hot career path right now. According to labor analytics firm Burning Glass, cybersecurity job postings grew 74% from 2007 through 2013 a rate of growth that was twice as rapid as all IT jobs combined. And demand for cyber information security positions certainly hasn't let up since.

Enterprise security investments are expected to continue to grow. Interestingly, however pay for security talent isn't always on the rise, as one of our recent State of the CSO Surveys revealed. We found that surprising, considering that the enterprise job demand for skilled IT security professionals continue outstrip supply, in a recent story on the cybersecurity pay gap.

Still, information security is an exciting and rewarding career where one gets to work in ways that help to increase the resiliency of the devices and networks we use every day to access information, do our jobs, and conduct commerce. Cybersecurity careers also provide tremendous diversity in the type of work that can be done, from technical roles such as engineering security into devices and software to CISO management roles to penetration testing.

In fact, the information security jobs marketplace is a field with seemingly countless specialties: network, application, database, cryptography, threat intelligence, threat modeling, identity, auditing, malware analyst, forensics, and so on.

Additionally, most all enterprise security positions increasingly require solid communications skills and business savvy: it's no longer as much about how to secure applications and business-technology systems but more security professionals need to help the business move into new markets, embrace new technologies and geographies in a way that mitigates the business risks. Those who can bridge the language gaps between the business suits and engineers and development teams will do very well in the years ahead.

Also, technology is changing more rapidly than ever. Traditional on-premise systems are moving to cloud-based systems, data has moved from the data center to mobile devices, and the intelligence of the business network is moving from within the data center to employee handheld devices. And the network is now beginning to connect everything in the so-called Internet of Things.

Even how enterprise development and operations teams work together to build and manage infrastructure and applications for the enterprise is changing as continuous integration and continuous deployment, as well as the DevOps movement continues takes hold.

Finally, enterprise information security, when done right, disappears. That means it's incredibly challenging to correlate good information security with the bottom line of the business. Good security is costly, and when looking at the need to produce profits and keep costs low security is often perceived as a cost center rather than a trust enabler by the boardroom.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.