IT managers are losing sleep over the threat of data loss and not a few think protecting their company’s network is more stressful than handling a divorce, according to a recent survey commissioned by security company Websense Inc.
The good news is this high stress level is matched by rising salaries. A separate survey by staffing firm Robert Half Technology indicates that top-level IT security professionals could expect to take home compensation anywhere between $89,000 and $121,500 in 2012.
Research firm Dynamic Markets polled 1,000 IT managers and 1,000 non-IT employees in the United States, United Kingdom and Canada to determine for Websense how IT managers are coping with the fast-changing threat landscape.
The Canadian research revealed that in excess of 80 per cent of respondents believe their jobs would be at risk if a security incident were to occur in their company during their watch. Their jobs would also be in peril: if an executive’s confidential data is breached (38 per cent), if data needed for compliance purposes is lost (32 per cent), or if confidential company information is posted on a social networking site (34 per cent).
Because of the stakes involved, respondents said the weight of protecting their company’s confidential data is more stressful than the following:
- Being involved in a minor vehicle accident (28 per cent)
- Moving house (28 per cent)
- Managing personal debt (21 per cent)
- Getting married (20 per cent)
- Starting a new job (20 per cent)
- Getting divorced or separated (13 per cent)
- Losing their job (11 per cent)
“Shockingly,” Websense said, a full 30 per cent of respondents reported that the CEOs’ and other executives’ confidential data in their company has been breached. Another 22 per cent reported losing data needed for compliance, 40 per cent said data had been lost by employees and as many as 22 per cent admitted that confidential information had been posted on social networking sites.
The survey revealed a “suspiciously large gap” in the accounts from IT managers and confessions from employees. This indicates extensive under-reporting of security breaches, said Fiaz Walji, country manager for Websense Canada.
The survey found that while only two employees out of 100 admit to posting confidential information on social networking sites, 23 per cent of IT managers say that the practice occurs in their company. One employee in 100 admitted to introducing malware into the corporate network, but 32 per cent of IT managers said this happened in their organization. Moreover, the survey revealed that if employees were to accidentally compromise company data, only 30 per cent would tell their boss about it.
“The survey shows that companies need to recalculate their assumptions about how well their data is protected,” said Walji.
He said because anti-virus (AV) tools deployed in many companies today are easily bypassed by advanced threat methods and risky social networking behaviours, businesses need a layered security strategy. “Yet it is surprising that despite the risks associated with social networking, many companies opt to spend their budgets on boosting Internet bandwidth and support for social media use instead,” said Walji.
With high anxiety comes high pay
IT security managers can expect to receive higher salaries next year, according to staffing agency Robert Half Technology.
In a recent survey, the company said IT security professionals could be getting salary increases by an average of 4.5 per cent in 2012. Salaries for chief security officers may go up by as much as 3.9 per cent next year, the survey said. “Data and security protection, especially in industries such as banking and healthcare will continue to be an in-demand area within technology,” said John Reid, executive director of Robert Half.
“In fact, 24 per cent of CIOs polled by our firm cited security as their top concern,” he said.
The Robert Half report estimates that compensation for positions involving security risk analysis and detailing proposed solutions will increase by six per cent, netting base salaries of between $89,000 and $121,500.
Other positions bound to experience salary bumps are: network security administrator (4.9 per cent), systems security administrator (4.6 per cent), information systems security manager (4.1 per cent) and network security engineer (3.8 per cent).
“A common feature of high-demand jobs is a large decree of specialization,” said Reid.