“Worldwide, the number of information security professionals will grow from 1.66 million in 2007 to about 2.7 million in 2012, experiencing a compound annual growth rate of 10 percent.”
--Research released by Frost & Sullivan and (ISC)˛ April 24, 2008
Information systems security involves the protection of data on computers and information systems to protect an organization’s confidentiality and integrity. Information Systems Security (commonly referred to as ISS) is a relatively new specialty within the Information Technology field. Many organizations started formalizing their security policy and instituting organizational responsibilities for supporting and enabling this policy in the mid to late 90’s. The need was driven by the increase in company assets being exposed to the internet and the recognition that it is necessary for someone in the organization to focus on securing these resources. By the late 90's legislation was being enacted that actually called for organizations to have formalized security policies and eventually someone in the organization responsible for this security. This sparked the growth in the ISS field.
Demand for ISS ProfessionalsThis field has grown continuously since the late 90's and has continued to grow each year. As businesses tie more functions to the internet and technology in general, the need to ensure stability and availability increases. Demand for more mobility with an increasingly prescriptive and constraining legislative environment has led to large growth in this field over the last few years.
What are the hours like in an ISS job?It really depends on the organization and their needs as well as your experience. Someone starting out can expect a few late night implementations during system change windows and potentially some on-call assignments. As you move from first line support to more root cause analysis and potentially strategic visioning work you will see that need decline. However, regardless of your work hours, in this field be prepared to learn and study new technologies on your own time outside of work.
Will I work more independently or in a team setting?In most ISS jobs people work in a team type environment. However, there is a great deal of independent time spent researching and developing. So, in a nutshell, this career allows you to spend time working in a team and also working independently.
Benefits and Challenges to this Career
Jobs in this field are exciting in that there is never a dull moment. Being able to work with a broad set of technologies and parts of the systems environment can be a huge benefit. Security touches everything from physical security (doors, hardware etc.), networks, phone systems, servers, infrastructure, applications and business processes. Throw into this mix the context of internal use by employees and external use (customers and business partners) and there is always something new to learn.
Some of the challenges in this field center around keeping up with the changing technologies and evolving regulatory and legislative requirements constantly.
Career AdvancementAs businesses are being required to become compliant with more and more legislation mandating compliance, leaders in the ISS areas are being promoted to higher levels in the business than was happening previously. This is done in order to help the organization navigate these complicated issues. In order to advance in this field the key component is gaining the necessary experience within an organization. It is also vitally important to prove your ability to work with the business to develop secure solutions. Earning a higher degree may also help the chances of a promotion but gaining experience and exposure to all aspects within an organization and then growing your sphere of influence and network outside the company to other security professionals is key to advancement.
The following information security positions have the same or similar responsibilities but just vary by title. These titles can be used interchangeably.
- Information Security Officer
- Information Security Analyst
- Computer Security Officer
- Computer Security Analyst
- ISSO (Information System Security Officer)
- Information System Security Officer
Hot Topics in the Field
One current “hot topic” in the field of information security is centered around the new Payment Card Industry (PCI) regulations. With potential fines of 500 thousand dollars a day if a company is not compliant, there is buzz amongst all organizations regarding how to become compliant with the least impact and cost.
Another major topic in the field revolves around Unified Communications (UC). More companies are looking to expand traditional networks to include voice and video traffic, and still need to keep the usual data traffic secure.
A third large challenge the ISS industry faces is centered around the increasing mobility of our workforce as more employees seek to access enterprise resources from beyond the traditional business controlled network. This also holds true for business partners who seek access to what once was considered enterprise-only resources and data.
Other Information Security Categories
To learn more about careers, degrees, schools, and salaries, visit the following links/pages.