Top Paying IT Security Jobs

While reading through my assigned reading this week for my Information Security Mgmt. class, the book discussed security positions. Being that I'm new to IT Security and I am not a "all about money" within my career, I decided to do some research the top IT security jobs last year. Based on an article that I found entitled, "Best Paying IT Security Jobs In 2012" written by Mathew J. Schwartz states that Robert Half Technology pints out that the data security analyst position is the hottest job in 2012 and that the salary should increase by 6%. 

The other top IT Security jobs are as follows:  network security administrator, systems security administrator, information systems security manager, and the new role of network security engineer. Data shows the salary range between all of these positions in 2012 is $85,000-$143,500 a year. This salary range seems I be due to the fact that IT security is a hot area to be in within the next few years. According to Hord Tipton, executive director of (ISC)2, in an interview states "92% of last year's breaches could have been avoided through implementation of basic security controls. The demand for professionals with broad knowledge, experience, and a specific technical specialty [or specialties] will surely increase." It is great to know that there is such a high demand for what I am getting Masters Degree in.  Tipton also expects by 2015 the demand may have increased even further, due to the increasing number of data breaches and online attacks affecting businesses.

Another item that can enhance a IT security professional's experience/resume and is also in demand is CISSP and CompTIA Security+ certifications. Robert Half Technology reported that certifications are especially good for the role of information systems security manager.

References

"Robert Half® Technology 2013 Salary Guide." Robert Half International. . N.p., n.d. Web. 26 May 2013. <s3.amazonaws.com/DBM/M3/2011/Downloads/SalaryGuide_RobertHalfTechnology_2013.pdf>.

Swartz, Mathew J.. "Best Paying IT Security Jobs In 2012 - Security - Security ." InformationWeek | Business Technology News, Reviews and Blogs. N.p., n.d. Web. 26 May 2013. <http://www.informationweek.com/security/management/best-paying-it-security-jobs-in-2012/232200152?nomobile=1>.

Whitman, Michael E., and Herbert J. Mattord. "Security Management Models." Management of information  security. 3rd ed. Boston, MA: Course Technology, Centage Learning, 2010. 385-426. Print.

Biometric Measures for Security

Some organizations are looking towards biometrics for security reasons. Whether they certain individuals to gain access to a highly secure room or to gain access to extremely sensitive data, this is an option for any organization to use to give authorized employees access. There are many options for a company to choose from to implement and so many vendors to purchase from. When a IT Security Manager is thinking of implementing these products they want to choose a biometric method that is cost efficient, extremely reliable, and most importantly very secure. The biometric options that are available are as follows:

Fingerprints
ID card (Face Representation)

Palm scan

Facial recognition

Hand geometry

Retinal scan

Hand topology

Iris scan

Among all of these options only three of them are considered unique, fingerprints, retina, and iris. So when the IT Security department looks into implementing this software for authorization reasons they should employ, one or two of these biometric methods.

Securing Your Mobile Devices

The way of the world now is that everyone has a smart device.  Whether you are a child or an adult, you are familiar with smart devices.  From an iPad, to a droid cellphone, to a Kindle Fire the world has definitely evolved in this area of mobile devices.  We use these devices to get through everyday life.  Even now in school, teachers have been implementing apps and the use of these electronics to teach and connect with their students.  Being that everyone are using these devices, the main question now is....how can you secure your device?  People tend to believe that mobile devices are already secure but that is not necessarily true.  Users must be educated on the fact that there are apps that aren't secure and malware can attack your device as well.  Here are a few tips on keeping your device and information safe.

1. Lock your device when stepping away from it.
2. Minimize the sensitive data you store on the mobile device.  
3. If misplaced quickly go to your "Find Me" app to locate and lock your device.
4. Download a mobile security app from a trusted company like Norton or McAfee

Be mindful of what you keep on your mobile device, what you download, where you surf online, and who has access to your devices!


Reference:
http://www.computerworld.com/s/article/9176870/Protect_your_mobile_device_and_yourself?taxonomyId=17&pageNumber=2

Threats-Vulnerabilities-Assets (TVA) worksheet and Ranked Vulnerability Risk worksheet

Threats-Vulnerabilities-Assets (TVA) worksheet is a combined prioritized list of assets and threats.  This worksheet is used when completing the Risk Identification phase and starting with the Risk Assessment phase.  The purpose of the TVA worksheet is to show an organization the most critical/important vulnerabilities and threats in a convenient method to view the exposure.  The TVA worksheet is a prioritized combination of the most important assets (x-axis) and threats (y-axis), the output will have the most dangerous at the top of the worksheet.   The TVA worksheet enables organizations to have a one shot view of the threats and vulnerabilities that their company may be exposed to. 

Ranked Vulnerability Risk worksheet assigns a risk-rating ranked value to each uncontrolled asset-vulnerability pair. This worksheet is the initial working document for assessing and controlling risks.  Both the TVA and Ranked Vulnerability Risk worksheet are tools that are used as risk identification and assessment deliverables.  

References

Whitman, M. E., & Mattord, H. J. (2010). Security Management Models. Management of information security(3rd ed., pp. 211-246). Boston, MA: Course Technology, Cengage Learning.