New (ISC)²® Career Impact Survey Reports that Information Security Professionals Maintained Job Stability and Mobility in 2011

Share Article

Survey of More than 2,250 Information Security Pros Predicts Increase in Salaries and Hiring in 2012, Identifies Top Skills in Demand

According to the 2012 Career Impact Survey released today by (ISC)²® (“ISC-squared”), the world’s largest information security professional body and administrators of the CISSP®, the information security profession offers not only stability but upward mobility. Results of the survey found that only seven percent of information security professionals were unemployed at any point during 2011, with nearly 70 percent reporting a salary increase, and 55 percent expecting to receive an increase in 2012.

The results from (ISC)², which has over 80,000 members in more than 135 countries, are from its third survey tracking the impact of the economic climate on cyber security salaries, hiring outlook, budgets, threats and more. More than 2,250 security professionals participated.

Of the respondents, 72 percent said that in 2011, their organization hired individuals specifically for information security roles. Additionally, a majority of respondents - 62 percent - reported they are looking to hire additional permanent or contract information security employees in 2012.

Of those hiring, 81 percent said an understanding of information security concepts is an important factor in their hiring decisions. Other top factors included directly related experience (72 percent) and technical skills (76 percent). Additionally, hiring managers identified the top skills they are looking for: operations security (55 percent), security management practices (52 percent), access control systems/methodology (51 percent), security architecture/models (50 percent), risk management (49 percent), telecom/network security (45 percent), applications/system development security (44 percent) and cloud/virtualization (35 percent).

“These results from our latest Career Impact Survey demonstrate that even in tough economic times, information security professionals are in high demand by hiring managers and organizations who understand that their skillsets are not only paramount to their organization’s ability to conduct business but also give them a competitive advantage,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC)². “This data reflects the increase in security breaches we saw throughout 2011 and the fact that organizations, both in the public and private sector, are finally realizing the importance of implementing sound security programs that should be run by experienced and qualified professionals.”

Other key findings from (ISC)²’s 2012 Career Impact Survey include:

  •     Roughly 34 percent reported an increase in new hires last year, and 51 percent plan to hire information security staff this year. Of those, 62 percent plan to hire one to two people, and 22 percent plan to hire three to four.
  •     27 percent of respondents said they saw an increase in layoffs in this field.
  •     Around 30 percent of respondents expect information security budgets and equipment purchases to increase in 2012.
  •     56 percent of those surveyed reported increased security risks in 2011, with 38 percent attributing most of that activity to mobile devices.

Tipton added, “Security is an ever-changing field that requires professionals to expand constantly upon their knowledge of today’s advanced threats. Just as importantly, this field also calls for hands-on experience and the business know-how to implement robust security practices across an organization. While it’s a very positive sign that this field continues to grow and is somewhat ‘recession-proof,’ one of the biggest challenges that remains is finding enough of the right people with the appropriate security skills to fill the huge void that exists right now. We must continue to build this workforce at an aggressive pace.”

The (ISC)² 2012 Career Impact Survey was conducted from December 2011 to January 2012, with 2,256 respondents globally to gain insights into how economic conditions and security threats affected the information security profession in 2011 and to gauge the 2012 outlook. The most common sectors represented were government at 28.9 percent; information technology at 28.5 percent; professional services at 18.2 percent; banking at 11.3 percent, and telecommunications at 9.9 percent. The majority of respondents’ organizations had over 1,000 employees. More than 95 percent of respondents hold (ISC)²’s Certified Information System Security Professional (CISSP®) credential. With the help of these survey respondents, (ISC)² is identifying important workforce trends in an effort to help solve the global cyber security workforce crisis.

(ISC)² conducts research regularly to gain insight into the state of the information security workforce and offers support for its certified members seeking employment and career enhancement, including free resume posting and job alerts on its Career Tools site ( Employers can post jobs and search resumes for free as well, giving them a direct line to an audience of qualified information security professionals.

Aggregate results for the (ISC)² 2012 Career Impact Survey can be found at:

About (ISC)2
(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over 80,000 members in more than 135 countries.    Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information security topics. More information is available at

# # #

© 2012, (ISC)² Inc. (ISC)², CISSP, ISSAP, ISSMP, ISSEP, CSSLP, CAP, SSCP and CBK are registered marks of (ISC)², Inc.

Follow (ISC)² on Facebook, Twitter and YouTube.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michelle Schafer
Visit website