Security professionals are enjoying growing levels of influence inside corporate boardrooms, a new study has suggested.

According to the second annual Global Information Security Workforce Study from IDC, sponsored by International Information Systems Security Certification Consortium (ISC)2, the trend is the result of security being seen as a business, rather than a purely IT, function.

The survey of 4,305 security professionals around the world found that 21 per cent of company CEOs were the ultimate point of responsibility for security, up from 12 per cent in 2004.

Seventy-seven per cent of those questioned said they expected their influence within the board of directors to increase in the coming year. The drivers for this trend are a mixture of the increased likelihood of organized attacks on IT systems, and the rising demands of compliance.

“Security has risen to the top of the corporate agenda as a strategic business process that affects what organizations value most: their mission, ability to execute, an accountability to shareholders,” the report’s authors wrote.

As a result of rapid change in the profile of the sector, the number of qualified security professionals has risen globally by nine per cent in the last year, to 1.4 million.

And an abatement of the demand for these skills does not appear to be around any corner anytime soon.

“Anecdotally, many providers of security services are struggling to find appropriate candidates for the vacancies within their workforces. Consequently, opportunity awaits those individuals looking to enter into an information security career path,” the authors wrote.

The main areas of technology investment are wireless security, intrusion prevention, identity and access management and disaster recovery.

QuickLink 052261