Careers in IT security remain hot, says David Foote, noted researcher and analyst of IT workforce trends. But there's a disconnect between current job opportunities and the talent pool looking to fill them.
Creating a culture of security within an organization may be on CISOs' wish lists, but it's often hard to educate and spread that message, says Justin Somaini, chief information security officer at Yahoo.
Yahoo's Justin Somaini believes his fellow CISOs in business and government do a good job keeping their bosses informed of proper information security practices, but could do better in educating the rank and file about them.
When economists dissected July's 0.1 point drop in overall unemployment, to 9.1 percent, they attributed the decline mostly to fewer people seeking work. But that's not the case for IT security professionals. There are few discouraged workers in the information technology occupation categories these days.
The cyber threat landscape is more widespread than ever before, and cybersecurity professionals are needed in all sectors, from government to private industry, says Dickie George of the National Security Agency.
Dickie George of the National Security Agency has one word to describe the state of information security education today: "Spotty." And this state must improve if we hope to fill all the growing demand for security pros.
The use of social media raises risk management issues, and education is the key to overcoming the common misperception that "you can say anything you want on social media and not have any consequences," says compliance specialist Roy Snell.
"Professionals like me now understand that we are the ambassadors for ethical behavior and should actively encourage other employees to adhere to it," says Alessandro Moretti, a senior risk and security executive.
Melissa Hathaway, at a cybersecurity forum for lawyers, calls for the cybersecurity education of judges so justice could be served in an era of digital assaults. She also explains how the Sony breach provides a new path for malware.
Healthcare organizations need to implement role-based privacy and security training to identify specific types of education for employees with different levels of access to protected health information, says Alex Eremia, chief privacy officer at MedStar Health.