Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

10/12/2018
05:00 PM
50%
50%

Most IT Security Pros Want to Change Jobs

They cite five main reasons for wanting to move on - and what it would take to retain them.

If you're an IT security professional looking for a new job, you're not alone. A new report on IT security job trends finds that 60% of survey respondents are looking to leave their current positions.

Limits on job growth and dissatisfaction with their current jobs are the leading reasons security pros say they are seeking a change, according to the report. An unhealthy work environment, lack of IT security prioritization, and unclear job expectations round out the top five drivers for change.

What would it take for the survey respondents to stay in their current positions? Improved work-life balance, management who takes their security concerns seriously, and better sponsorship for new courses and certifications are the big winners.

Read more here.

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
100%
0%
RyanSepe,
User Rank: Ninja
10/15/2018 | 9:29:44 AM
An unhealthy work environment (Brand Reputation)
Historically, Information Security has been seen as the NO police. This poor brand reputation of the department makes other departments less agreeable towards collaboration. As security professionals we understand that if security is not ingrained in development of apps, processes, etc that it is less effective and more reactive then proactive. This is starting to change but I would say no where close to where it needs to be to make for a comfortable work environment.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
10/15/2018 | 9:25:30 AM
Lack of IT security prioritization
The Security field has been changing in a more positive fashion but its still not to the point where I would consider the Security field ideal. More companies are taking an interest in security, but if you don't have a CISO that has a seat at the table it seems to take a band-aid approach and doesn't align with best practices. In this way it is very difficult to prioritize security based endeavors.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13757
PUBLISHED: 2020-06-01
Python-RSA 4.0 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing exces...
CVE-2020-13758
PUBLISHED: 2020-06-01
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
CVE-2020-9291
PUBLISHED: 2020-06-01
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
CVE-2019-15709
PUBLISHED: 2020-06-01
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
CVE-2020-13695
PUBLISHED: 2020-06-01
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file.