Training Reference - training, learning and development news

Browse topics

Home > News > May 2004 > 03-May-2004

IT security training and certification paying off for organisations says survey

Organisations investing in security training and certification for their information technology personnel are less likely to experience major security breaches, according to a recent study on IT security by CompTIA, the Computing Technology Industry Association.

Organisations with at least one-quarter of their IT staff trained in security reported fewer security breaches (46.3 percent) than organisations with less than one-quarter of IT staff trained in security (66.0 percent). Among those who have invested in IT security training, 80 percent feel that their security has improved; 70 percent of those who have invested in certification feel the same way. Nearly 900 organisations across a range of industries, including education, financial services, government, health care, IT, and manufacturing, participated in the second annual CompTIA study.

"There is growing recognition that training and certification are key elements in improving IT security," said John Venator, president and chief executive officer, CompTIA. "Now more than ever, organisations realise that information and intellectual property are their lifeblood. They also realise that it's easier than ever for people to access, lose or steal this information. Anyone with a PC, a laptop, a mobile phone, or a PDA is a potential threat to security."

In remarks delivered last week in Hong Kong at Business Week's 13th Annual Asia Leadership Forum, Venator said the real and perceived improvements in security are accompanied by hard numbers when the return on investment (ROI) from training and certification are discussed. The CompTIA study found that the median value of estimated ROI for training is $20,000 per trained employee per year; while the median value for ROI for certification is $25,000 per certified employee per year.

More organisations are requiring security training (30.2 percent, up from 23.2 percent a year ago) and security experience (28 percent, up from 18.8 percent) for their new IT staff hires.

"Anyone can claim to be astute in the area of IT security," Venator said. "But organisations today are looking for individuals with proven security experience. Obtaining industry-recognised certification, such as CompTIA Security +, is one way in which IT professionals can demonstrate their expertise."

Security training and certification are extending deeper into IT departments, the CompTIA survey found. Fifteen percent of organisations require all IT staff to have such training; and 31 percent of organisations require at least half their IT staff to be trained in security matters. The comparable figures for last year were 11 percent and 22 percent.

Among specific job positions, increases in security training were reported for director level (up 6 percent), engineering level (up 14 percent), project manager level (up 14 percent), and product developer level (up 10 percent).

The study also found that that increasing percentages of IT budgets are being spent on security. Nearly one in four respondents (22 percent) said they will spend 20 percent or more of their total IT budget on computer security. That's up from 15 percent last year.

The study was conducted for CompTIA by TNS Prognostics of Palo Alto, California.

Related information

For related news, case studies, articles and research, visit our
IT training home page

Training and development books

Discover books on a variety of training and development topics at the Training Reference Bookshop

Source suppliers

Visit the Training Reference Directory to view supplier details for a wide range of courses, products and services.

Sponsored links

Back to top   

Source suppliers

Visit the Training Reference Directory to source suppliers for a wide range of training courses, products & services.

Sponsored links

Newsletter

Receive our FREE newsletter and keep up-to-date with the latest information. Click here to subscribe

Training Reference accepts no liability or responsibility for any direct, indirect or consequential loss or damage caused by the user's reliance on any information, material or advice published on, or accessed from, this website. Users of this website are encouraged to verify information received with other sources. E&OE. All trademarks acknowledged. © Copyright Training Reference 2003 - 2007