Imperative People, Milton Keynes, Bedfordshire
Imperative People, Milton Keynes, Bedfordshire
Leading Cyber Security Recruitment Specialists 0333 433 0795
Leading Cyber Security Recruitment Specialists 0333 433 0795 

Cyber Security & InfoSec / Information Security News

Latest Cyber Security & InfoSec / Information Security Articles In The News....

24 November 2015

Cyber Security - 40% Of Businesses Expect An Insider Breach In The Next 12 Months


Four out of ten businesses expect an insider data breach in the next 12 months, according to a new survey.

As enterprises become larger, managing employee behaviour becomes harder and the risk of a breach occurring within an organisation intensifies.

The study, by Clearswift, identified a widespread lack of employee awareness of good cyber security practice, and a slow business response to addressing insider threats.

In the survey of 4,000 employees, 75% said their company provides inadequate levels of information about data policies and what is expected of them, and 58% lacked understanding of what might actually constitute a security threat from within their organisation.

With such a lack of clarity, it may not come as a surprise that half of respondents admitted they disregard data protection policies at work in order to get their job done.

These attitudes highlight an imperative for organisations to make training employees in security protocols and policies a business priority.

Such attitudes are not surprising considering 72% of security professionals believe internal security threats are still not treated with the same level of importance as external threats by the board.

‘The detachment between the front-line security professionals and board members within an organisation is particularly worrying in the wake of recent high-profile cyber breaches in the UK already this year,’ said Heath Davies, chief executive at Clearswift.

‘Cyber attacks are a major problem and it’s time for boards to take a proactive stance on this. Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.’

Read original Source via

Contact Imperative People today, we can help with your new Cyber Security & InfoSec career or submit your vacancy today.  We are based nr Milton Keynes, in Bedfordshire, covering whole of the UK.  Contact a knowledgeable consultant today on 0333 433 0795.


19 November 2015
Cyber Security & InfoSec Recruitment - Talent Is Red Hot


From the time he was 9, Daniel Kowalski, now 23, knew cybersecurity was going to be his thing. Captivated by the stealth work of hackers in commercials and in his favorite movie,Live Free or Die Hard, Kowalski nurtured his fascination with security from a young age, pursuing multiple IT and security certifications during high school and earning a degree in computer criminology at Florida State University.

After graduation, Kowalski moved through a couple of generic IT contract gigs — each providing some basic exposure to security — and landed an official role in his chosen field in less than a year: He's now an information systems security engineer at defense contractor Harris Corp. "My future lies in security," says Kowalski. "As far as where I want to be in security, it's too early to say — I've not yet specialized in anything, but I've touched on everything."

Kowalski's future should be pretty bright given that security now ranks among the hottest IT career tracks. Computerworld's 2015 IT Salary Survey reveals that there's strong demand for security professionals. Three-quarters of security pros participating in the survey said they'd been approached by headhunters in the past 12 months, and 71% said they felt their job was secure or very secure.

The spate of recent high-profile hacks at companies like Target and Sony Pictures has been a serious wake-up call for management about the importance of a robust IT security program. "The emergence of the cloud and the recent security breaches have been the perfect storm to drive demand for security roles," says Matt Leighton, director of recruitment at Mondo, a digital marketing and technology recruitment firm.

At least four out of 10 job requisitions coming across his desk are for security-related positions, he adds. "It's probably the hottest skill set we are working on today, and we're now seeing [salaries] catch up with demand."

Research by Robert Half Technology confirms that security talent is in demand. The IT recruitment firm's 2015 Salary Guide for Technology Professionals says demand for skilled workers will exceed supply in the overall IT job market "for the foreseeable future" and names security as one of three disciplines — along with mobile and big data — in which that gap will be especially large. There's especially strong demand for data security analysts, systems security administrators, network security administrators, network security engineers and security managers, according to the RHT report.

Not surprisingly, employers are willing to loosen the purse strings in order to fill security-related jobs. In Computerworld's IT Salary Survey, security management positions like chief security officer and information security manager saw the highest reported increases in pay from 2014 to 2015, with average total compensation for those job titles rising 6.7% and 5.3%, respectively.

In fact, nearly three-quarters of survey respondents with security titles reported an increase in total compensation from a year ago, with an average bump of 6.2%. In comparison, 68% of all respondents reported that their total compensation had risen in the past year, and the average increase was 3.6%.

The trend is welcome news to Bobbi Jo Pickar, who has spent 27 years as an IT security professional, holding various technical and managerial roles. "In the past, management hasn't given us enough credit and they didn't realize how much a security organization could save a company or government by doing things right," says Pickar, who now serves as an information security specialist/computer systems security analyst at Lockheed Martin. "Now that they understand how much risk could cost, they are starting to take a much more proactive approach."

The pros and cons of constant change

The spotlight on security and the increasingly malicious nature of cyberattacks have created new opportunities for security pros, and those factors have helped turn security into a satisfying career, says Kevin Fred, a senior information security consultant who's now working as a principal security engineer for a large payment processing company in Cincinnati. Security has gained lots of new job descriptions, including C-level positions that didn't exist years ago, and security roles have increased in stature across the board.

"We're in an elevated spot — in any company across every industry, infosec is held in higher esteem because we're the protectors of the crown jewels," he says. "There's a lot of prestige and satisfaction that comes along with that."

Download Computerworld's May digital magazine, featuring the 2015 IT Salary Survey report and lots more.

Also satisfying to Fred and other security professionals is the dynamic nature of the field: As threats evolve, there's an endless stream of new material to master. The constant change appeals to Tim Pospisil, IT security supervisor forNebraska Public Power District, who has been in IT for eight years and has done security work for almost half of that time.

"I work in nuclear, which is the best of 1960s technology, and [security] is not," he says. "Security is definitely cutting-edge. You're always having to adapt to something new, whether it's new vulnerabilities or new ways hackers are exploiting the network. It forces you to constantly be on your toes, and it keeps you fresh."

However, Pospisil warns that the constant change can be a drawback. "You don't ever feel like you get downtime or get a chance to catch a breath," he says. "And there's always the fear that you're going to miss something and become a logical target."

The other big negative is that security is hardly an organizational favorite, so those in the field need to be prepared to deal with the occasional irate user who doesn't like being denied access to a particular website or being required to follow a bunch of protocols. "We're kind of like the IRS of the organization — no one really likes us," Pospisil says. "It's one of those necessary evils: People recognize [security's] value, but you're generally not their favorite person."

The right mix of skills

Those realities mean a certain mix of experience, skills and personality traits are required to succeed in security. Being a self-starter and active learner is critical, Pospisil says. Also key are good communication skills and hands-on security experience.

In addition, technical certifications can be a bigger deal in security than they are in other IT-related fields — a trend confirmed by Foote Partners, an IT staffing research and advisory firm. The Feb. 27, 2015, edition of Foote's IT Skills Demand and Pay Trends Report shows strong growth in the market values of 69 information security and cybersecurity certifications in 2014, with average gains of 3.7% in value in the last three months of the year.

The security certifications most in demand among IT professionals were those related to auditing, hacking and forensics. Beginner security certifications, like the CompTIA Security+ accreditation, also enjoyed an uptick in popularity — a possible indication that more people are focusing on infosec as a career choice, says David Foote, chief analyst and co-founder of Foote Partners.

Computerworld's 2015 IT Salary Survey yielded a similar finding: Training programs involving security skills were the No. 1 pick among IT professionals pursuing certifications.

While certifications and hands-on experience are important, people skills and knowledge of the business can really make a security professional stand out, says John Becker, chief governance officer at Phenix Energy Group, where he oversees computer security, compliance and governance.

"This isn't just about certifications and security — you need IT security people who can talk about the risks," he explains. "It's a much more complex and multifaceted role than other IT work." It also doesn't hurt if someone is intrinsically paranoid: "We want people who really don't believe anything they hear," Becker adds.

Get ready

If you're up to the challenge, there are a number of steps you can take to open doors to a job in security. Making a commitment to continuous learning — reading, participating in webinars, staying up to date on industry trends and studying recent data breaches — is a must. It would also be a good idea to pursue any number of basic and specialized security certifications.

If you can't land a security-centric job right away, you can get some basic training by lining up IT roles that provide some exposure to security functions like intrusion detection or application testing. And you can raise your profile as a security expert by sharing security information and recommendations with your colleagues. If you do that, people will come to respect your opinion and will eventually start to rely on your expertise, says Mondo's Leighton.

"Most companies don't have a security engineer — most have a systems administrator that they hope takes care of the security aspect," Leighton says. "By bringing information to the CIO and making recommendations, you position yourself as the resident expert."

Read original source via Computer World.

We are located at:

Imperative People

Suite 12, Cranfield Innovation Centre
Cranfield Technology Park
University Way

MK43 0BT


80 - 83 Long Lane




Contact us today!

Please contact us:


0333 433 0795


Or use our contact form.

Imperative People IT Recruitment Consultants Agency Milton Keynes Bedfordshire London REC Recrutiment & Employment Confederation Accredidation
Print Print | Sitemap
© Imperative People 2016 Cranfield Milton Keynes London