Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/11/2007
03:24 PM
Sharon Gaudin
Sharon Gaudin
Commentary
50%
50%

How Happy Are You With Your Salary?

I got an interesting piece of information last week. Alan Paller of the SANS Institute tells me people who see their salaries increasing each year are more satisfied with their salaries than those who are paid well but who don't see it getting any better.

I got an interesting piece of information last week. Alan Paller of the SANS Institute tells me people who see their salaries increasing each year are more satisfied with their salaries than those who are paid well but who don't see it getting any better.I was a little surprised when he told me that. I personally would like a holy-cow-that's-big kind of salary. Well, honestly now, I'd like a really big salary that gets still bigger every year. Who wouldn't?

But after I wrote a story about the SANS Institute's eight-year-long salary survey last week, I had dinner with some friends. And I asked them what would make them happier. Big salary? Yearly raises? They were quick to pick annual raises. They said it would make them feel like the company valued them. I can see that. Everyone wants to feel valued, no matter what job you're doing.

Paller also talked about the "leveling" that is going on with information security salaries across the country. For a long time, if you wanted to make big money in IT, you lived in Silicon Valley. Of course, it took a huge salary to be able to afford to live there, but that's where the big money was.

Now it looks like the rest of the country is getting to share the wealth. The SANS Institute's survey showed that the Midwest, the Northwest, and the Southeast all are on the salary fast track, bringing in at least 7.5% yearly increases. The Mid-Atlantic region, which includes Pennsylvania, Maryland, Virginia, and Washington, D.C., has the biggest paychecks for security professionals, coming in at a mean salary of $95,615 for 2006. The Northeast came in second with $92,452, while the West, which includes Silicon Valley, rang in with $86,368.

Looks like security professionals have a lot more options about where they can live and still make a very good living.

The SANS Institute is working on a new survey, though. This one will focus on the past year, as opposed to the last study which focused on an eight-year span.

Paller told me that with this survey, he's expecting to see a shift in emphasis. More technical employees will start to get bigger raises. For a while now, FISMA has forced companies to focus on reporting on their security efforts, instead of putting all their muscle behind their actual security efforts. The on-going string of data losses, security breaches, and a growing cyberthreat from China may have a lot of executives rethinking their security strategy. And that could be good news for the men and women in the security trenches.

They're looking for people to participate in the survey, so add your two cents by going to this Web site.

And I'm interested in your two cents, too. Tell me, how happy are you with your salary? Is it picking up or woefully stagnant? What would make you happier on the job?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11844
PUBLISHED: 2020-05-29
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-6937
PUBLISHED: 2020-05-29
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-7648
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-7650
PUBLISHED: 2020-05-29
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
CVE-2020-7654
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.