Informatio​n Technology Security specialist

Information Technology (IT) Security specialist is one of the highest demand skills in IT industry today. With increasing cyber attacks, malwares infections, hacker’s penetration etc., companies are now spending more money to secure their IT infrastructures and applications than few years ago.

In the past, companies relied on firewalls but it did not work well and they suffered a lot of damages. Today most hackers are organized crimes that are very good at penetrate IT systems and create damages. To prevent it from happening, companies have to adopt more preventive rather than reactive approach. They must review their IT systems to identify vulnerabilities and fix them to avoid any further consequences. As a result, more companies are hiring IT security specialists, people who are trained to deal with security issues to implement their preventive security model.

The most vulnerable area of the IT system is software code. Even today, most students are not taught to programming with security in mind. That is why “Buffer overflow” and “SQL injection” are common tactics among hackers to get access to IT systems and to steal information or plant malwares. Many companies are still relying on “patching” as a solution to overcome defects on the code. However patching sometime also creates another vulnerable on the other parts of code. The better way is to spend time on code review, regression testing, and secured code inspection as a tool to prevent malwares and hackers penetrations. To make it more effective, programmers, developers, and IT managers must be trained in IT system security.

The increasing number of people accessing social media web sites also increases the risk of malware infections. One careless person with an infected laptop can infect the whole company IT system. One infected smart phone can create damages to a phone company’s IT systems. In order to secure the sensitive information and minimize the risk, company must implement more training on security to employees and monitoring mechanism and configure firewall to the best possible.

With the increasing usage of mobile devices like tablets, smart-phones, etc. the risk of information and data theft has gone up. The success of company now depends on its ability to secure their “sensitive” information and data off these devices by having them store on their “private cloud” instead of the devices. The requirement of secured private cloud also increase demand for more security specialists.

Because “public cloud” computing involves certain risk pertaining to Data security and accessibility. Companies are reluctant to move into cloud computing. To gain customers’ confidence, many service providers must get their cloud assessed and certified by a third party security vendor. To do that, both cloud computing providers and security assessment vendors need to hire more security specialists. The question often raised is where do they find these specialists? Where do people get training on security system? There are several security certificate programs in the industry but unless people have many years of experiences, sometime few months of training may not be enough. Today IT security is becoming a major in some universities. It is possible to get a bachelor or master degrees in IT security and graduates can expected to make $95,000 to $130,000 per year.

Sources

  • Blogs of Prof. John Vu, Carnegie Mellon University