Internet Security Specialists Needed

Recent hacker paralysis of popular sites underscored the problem. Only a few colleges teach the skills.
By Vikas Bajaj KNIGHT RIDDER NEWS SERVICE

The recent hacker attacks that paralyzed popular Internet sites such as Yahoo.com and Amazon.com for several hours highlight the need for information technology security specialists.

American businesses are struggling to fill security positions because few IT workers have the skills needed to keep Web sites safe, experts say. Only a handful of universities offer courses or programs in the field.

"You are always starting from that fundamental problem that we have a deficit of . . . people with IT skills," said Harris Miller, president of the Information Technology Association of America.

Many people who work in Internet security come from the military or other federal agencies that police cyberspace, Miller said. Others have learned what they know on the job. And some companies hire "white-hat" hackers who break into systems not to do harm, but to reveal security vulnerabilities.

Security professionals are hired by corporations that have Internet-connected computer systems. Many also work for computer services and consulting firms such as Ernst & Young LLP, IBM Corp., and Electronic Data Systems Inc. (EDS).

A survey by the Sans Institute, a Bethesda, Md., research group, said network security administrators earned $56,442 a year on average in 1999, an increase of 11.47 percent from 1998.

Computer security has been important for many years, but the recent increase in online retailing and business-to-business transactions has made it a top priority.

"Last month's . . . attacks help yet another few people learn about the perils of security," said Rob Kolstad, Sans Institute program manager.

Tom Ament, vice president for EDS's indirect channels and alliances division, said the nature of computer security had changed and was evolving rapidly.

"You still read about viruses, but that's not the biggest issue anymore," he said. "It's the people trying to get into servers and pulling credit card information."

Many corporations are trying to retrain employees to learn security skills, Kolstad said. Recruiting these professionals from the outside will remain hard and costly.

"Most people are learning on the job and through seminars," Kolstad said. "The number of these people is growing tremendously, and the salaries are very attractive."

Global Knowledge Network Inc., a Burlington, Mass., training company, and ICSA.net, a security assurance firm in Reston, Va., have developed a certification and training curriculum for security administrators and engineers.

Laurie Wagner, ICSA.net vice president for business development, said the certification program would enable more professionals to enter the technology-security business.

Cal Slemp, IBM's director of global trust and e-commerce services, said front-line security professionals must be intimately familiar with corporations' applications and operating systems. And they must be able to adapt to constantly changing threats

Back To The Study