More evidence points to value of security certification

Published 9 February 2010

Certifications improve prospects for hiring and higher salaries; holders of the CISSP, SSCP or CAP certifications who work in the Americas and have at least five years experience earn [an average of] $102,376 per year — more than $21,000 higher than IT pros who also have five years experience but lack the certification

Are there benefits to holders of security certifications in the job market? M. E. Kabay writes in NetworkWorld that a number of studies suggested that certifications do indeed improve prospects for hiring and higher salaries. In a subsequent article Kapaby wrote for Computerworld, he concluded the review of recent studies and surveys with yet more encouraging news for holders of security certifications.

In June 2008, NetworkWorld writer Jon Brodkin pointed out that “Overall, the value of 164 IT certifications measured by Foote dropped 4.9 percent the past two years and 1.6 percent in the six-month period ending April 1 [2008].” Brodkin wrote, however, that “Some certifications are bucking the trend and rising in value. IT security certifications rose 3.1 percent in value over the past two years and 1.2 percent in value in the last six months. Certain types of security skills are seeing dramatic growth. A 27 percent rise in value was measured for the Certified Information Security Manager designation, just in the past six months. In second place with a 25 percent rise in the last six months was the GIAC Security Expert cert.”

In a follow-up article, Brodkin reported on a survey carried out for the International Information Systems Security Certification Consortium, (ISC)^2, which showed “that holders of the CISSP, SSCP or CAP certifications who work in the Americas and have at least five years experience earn [an average of] $102,376 per year — more than $21,000 higher than IT pros who also have five years experience but lack the certifications.”

Reporting on the popularity of security certifications, Joan Goodchild of CSO Magazine wrote about a CompTIA survey that came out in late October 2009. The study of more than 1,500 IT workers found that many of them planned to pass certifications in security, ethical hacking and digital forensics.

Goodchild added …[M]ore companies are requiring IT security certification…. [T]he number of organizations where IT security certification is required has increased by half and is continuing to grow; 32 percent of employees were required to have certifications in 2008, compared to 20 percent in 2006.

Foote Partners maintains a database with constant updates to produce its annual “IT Skills and Certifications Pay Index.” The latest edition (as of this writing in the first week of January 2010) includes “data collected through January 1, 2010.” A 55-page PDF sample of the $2,500, 305 page quarterly report ($9,750