CERTIFICATION SURVEY
SECURITYOpening the Wallet
Spent nothing — 14 percent
$49 or less — 6.3 percent
$50 to $99 — 16.2 percent
$100 to $499 — 31.6 percent
$500 to $999 — 15.8 percent
$1,000 to $9,999 — 15.4 percent
$10,000 or more — 0.7 percentAbout how much money did you
spend on training materials to
complete your most recent infor-
mation security certification?(^14) %
(^)
(^)
(^)
(^)
(^6)
. 3
%
(^)
(^)
(^)
(^)
(^)
(^1)
6
2.
%
(^6). (^13)
(^) %
(^)
(^)
(^)
(^)
(^)
(^)
(^)
(^)
(^)
1
5
.^8
%
15.^4 %
Job satisfaction
Information security professionals
have a variety of duties and respon-
sibilities. Some design and install
security infrastructure, while others
are charged with actively monitoring
computer and network activity. Some
specialists are involved in determin-
ing and defining policy documents,
while others test and examine existing
protections.
There’s quite a bit of work to be
done, and only so many hours in the
day. Are we pushing the current work-
force too hard? About half of those we
surveyed either agree (32.7 percent) or
strongly agree (15.4 percent) that they
are overworked. A little less than one-
third (29 percent of respondents) took
a neutral position, while the remaining
22 percent disagree (19.9 percent) or
strongly disagree (2.9 percent) that
they have too much on their plate.
For most certified information
security professionals, the tasks they
perform are complex and engaging. A
solid 77 percent either agree (54.1 per-
cent) or strongly agree (23.3 percent)
that their work is challenging, with a
further 13 percent taking a neutral po-
sition. That leaves just 9 percent who
either disagree (8.5 percent) or strong-
ly disagree (1.1 percent) that they are
engaged and stimulated by their work.
We did ask one question that touch-
es on the broad issue of compensation.
Generally speaking, are certified infor-
mation security professionals satis-
fied with their current salary?
About 44 percent either agree
(38.6 percent of respondents)
or strongly agree (4.8 percent)
that their current salary is
satisfactory, while 22.8 per-
cent took a neutral view. The
remaining one-third either
disagree (24.3 percent) or
strongly disagree (9.6 per-
cent) that their current sal-
ary is satisfactory.
Certification = employmentCertification is a long-established
pillar of the information security
realm, with many security credentials
requested by name in employment
listings. You don’t have to be certi-
fied to get a job: 56 percent of those
surveyed were not required to have a
security certification when hired for
their current job. Forty-four percent,
on the other hand, did have to meet a
certification requirement in order to
start work.
Even in cases where certification is
not required, however, it could be a
factor in any hiring decision that gets
made. Asked to estimate the impact
of certification on being hired at their
current job, 52 percent of certified in-
formation security professionals said it
was either influential (21.4 percent) or
very influential (31.9 percent), with an
additional 20.7 percent reporting that
certification was at least somewhat
influential.
It’s also true that many choose to
get certified with an eye on future
employment. Setting aside the pop-
ular rationales of gaining skills and
increasing compensation, we asked
those surveyed to name the two
most important benefits of getting a
certification.0.7%