Salary premiums for security certifications increasing, study shows
Foote Partners report data bucks trend seen in other IT areas
Want more money for your information security skills? Try getting a professional certification. For all the continuing debate about the real value of IT certification programs, the premiums that companies are willing to pay for certified information security professionals is actually trending upwards.
A report released last week by New Canaan, Conn.-based Foote Partners LLC shows that formally certified security professionals on average are still commanding about 10% to 15% higher salaries than noncertified individuals in comparable roles. The numbers were marginally higher than the premiums offered for certified security professionals six months ago. Among the certification programs commanding the highest premiums were Certified Information Systems Security Professional (CISSP) , Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).
In contrast, the premiums being offered for individuals with professional certifications in other IT areas fell by about 2% over the past one year, according to the Foote report. The analysis was based on salary data from 33,800 U.S and Canadian IT professionals.
"Security certifications bucked the overall trend by growing in value from October to April, up an average of 1.7 percent across the entire group of twenty-seven security certifications that we survey," the report said. "This is a very important development, because salaries as well as skills pay for IT security professionals stopped growing and in some cases declined a few years ago following what had been a strong wave of hiring in the wake of Patriot Act, Homeland Security Act, and Sarbanes-Oxley Act legislation," the Foote report said.
That trend has begun reversing itself as demand for qualified security professionals has begun to steadily grow recently, said David Foote, CEO of Foote Partners, in an interview with Computerworld. High-profile breaches, such as the one at TJX earlier this year, have made company executives increasingly nervous about the impact of security breaches on their customer bases, Foote said. As a result many have begun to ramp up their security efforts, resulting in an overall increase in demand for qualified security professionals to their highest levels after 9/11, he said.
This trend in IT security certifications pay is an indication that, finally, there is something other than government regulation that is driving business leaders to invest more in security, Foote said. "The trend is not being driven by compliance and regulations. It is being driven by people saying customers are demanding more security," from the companies they do business with, Foote said.
Also pushing up the premiums for security certification is a new Department of Defense directive which requires over 100,000 security professionals in certain specific job roles to be certified within a five year period, Foote said. The directive affects full- or part-time military service members, contractors, or those with privileged access to DOD information systems who are performing information assurance functions.
The two trends are creating a "perfect storm" in terms of pushing up premiums for IT security certifications at a time when other certification programs are commanding lower premiums than they used to, he added.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Logicalis eBook: SAP HANA: The Need for Speed Without timely business insights, organizations today can suffer logistical, manufacturing, and even financial disaster in a matter of minutes
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All IT Careers White Papers | Webcasts
Our 28th annual survey results show which IT skills are in high demand and which are cooling off. Also, see how your salary stacks up to peers' with our Smart Salary Tool.