In this video, Marc Menninger describes why corporations are a strong marketplace for IT security professionals. Learn how the Sarbanes–Oxley Act or SOX requires corporations to be secure. Explore why corporations are prime cyberattack targets. Understand why the demand for IT security professionals from corporations is growing.
- [Narrator] Corporations in the US are excellent marketplaces for IT security. First, all publicly traded US corporations are required by law to be secure. That law is the Sarbanes-Oxley Act or SOX. While SOX doesn't require specific security controls, it does require strong internal controls on corporate financial data. These controls must be assessed each year by both internal personnel and external auditors. Only an effective security program would achieve these requirements.
Ever since SOX was enacted in 2002, the need for IT security professionals to define, implement, and maintain the security controls for corporate financial data has been increasing. But even with SOX, corporations have suffered major security breaches. Hackers target corporations because they know vast amounts of highly sensitive company and personal data are stored within them. That's another reason why corporations are a key marketplace for IT security professionals, their prime cyberattack targets.
At the end of 2015 the Identity Theft Resource Center published its data breach report. Of 780 known data breaches that year, the business sector had the highest number of breaches with 312. And more than 16 million records breached. Most corporations are targeted by hackers, both state sponsored and third party, seeking to steal trade secrets, blueprints, and business plans. In 2014 the US Attorney General indicted members of the Chinese military, accusing them of hacking corporations to spy and steal secrets.
And it doesn't matter how large or small a corporation is. They're all potential cyberattack targets. In fact, in what has been described as the "Hack of the Century," Sony Pictures Entertainment suffered one of the largest hacks ever in 2014. Hackers infected Sony's systems with malware that contributed to the loss of terabytes of information, including personal employee information, internal emails, salary details, and copies of then unreleased films. Size doesn't matter here.
Huge corporations can be the victim of a coordinated cyberattack just as easily as other smaller corporations. Just like banking, healthcare, and government, corporations are a strong marketplace for IT security professionals as demand continues to grow. According to the 2015 Cyber Security Jobs Report, the worldwide shortage of information security professionals was at one million openings, and that's projected to increase to 1.5 million by 2019. Clearly the demand for IT security professionals at corporations is outpacing the supply.
As the threats to corporations continue to rise, so will the need for IT security professionals.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- Understanding the job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself