/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI: Information Security (IS), which for very long was considered just another part of the IT setup in an enterprise has take a giant leap forward and has reached the boardrooms.
Spamming, phishing, virus attacks etc. have created enough work for security professionals, who not only have to keep their IT setups sanitized but also shoulder the responsibility of making the right investments.
IDC conducted a study in 2005, on behalf of a non-profit organisation International Information Systems Security Certification Consortium (ISC)2, to understand the skill pattern of the security workforce, worldwide.
In this electronic survey, over 4000 professionals offered their opinions on the role of information security in today's enterprise; importance of security certification in the hiring process; various areas in which they would require higher education etc.
According to an IDC estimate the number of IS professionals will see a 9% increase in 2005, and touch the count of 1.4 million, this figure is expected to touch 1.9 million by the year 2009. The survey also revealed that the IS professionals is an educated lot, with a majority having a bachelor's degree or its equivalent education based on the International Standard Classification of education (ISCED). The basic education apart, these professionals lay a lot of importance to acquiring additional certifications like BS7799/ISO 17799 etc.
Upsurge in security threats has lead to development of highly specialized off-the-shelf security solutions. While these are worldclass solutions, human intervention is required for integrating them into the overall security architecture. IS professionals, therefore need to keep their skill set up to the mark by undergoing relevant certification courses.
In the IDC survey, a large number of participants consider certifications an important part of their career development path, as these give them a competitive edge over their non-certified peers, open up avenues for specialization within the field and also offers a better pay package.
Taking the employer's viewpoint on certifications, about 90% of the individuals involved with the hiring process said certifications played a very vital role hiring as it gives some level of assurance about the individual's competency.
While strong knowledge about the security systems is key to any IS professional, one cannot loose sight of the business perspective and should be capable enough to 'translate the technology-risk into business-risk'. Areas like continuity planning, forensics and information risk management would be highly sought after, in the years to come.
Hot on the security certification chart are BS7799 Auditor, Cisco Certified Security Professional (CCSP), Certified information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), GIAC Certified ISO-17799 Specialist (G7799), and Microsoft Certified Systems Engineer (MCSE).