Monday, July 28, 2014

RHT: Risk Fighters: Information Systems Security Manager

by Robert Half Technology
July 28, 2014


Information systems security manager salaries in the United States are expected to rise 6.8 percent this year.
Companies of all types are challenged with staying on top of information systems security and compliance risk. That’s why the skills of the information systems security manager are among the most sought-after in today’s technology hiring market.
“Cybercrime is growing exponentially, and the job of the information systems security manager is similar to the role of ‘cop’ in a game of cops and robbers,” says John Asdell, branch manager, Robert Half Technology, San Diego, Calif. “These professionals need to stay one step ahead of malicious actors trying to breach systems and steal data. With more potential points of entry for compromise than ever before, it’s essential for companies to know where weaknesses and vulnerabilities are, what potential risks may exist, and how to prevent and mitigate threats.”
Information systems security manager salaries on the rise in 2014

Information systems security manager salaries in the United States are expected to rise 6.8 percent this year, according to Robert Half Technology’s 2014 Salary Guide. Starting compensation for this in-demand role is projected to range from $115,250 to $160,000.* Use the Robert Half Technology Salary Calculator to find specific salary information for your city.
What does it take to be an information systems security manager?

An information systems security manager should expect to have some or all of the following responsibilities:
  • Providing leadership, guidance and training to information systems security personnel
  • Ensuring security policies and procedures are current and effective
  • Preparing for security audits and vulnerability and threat assessments
  • Ensuring all security and privacy mandates are compliant
  • Preventing, detecting and responding to network and system intrusion
Asdell emphasizes that information systems security managers must be able to work effectively with leadership to explain security issues and identify and implement appropriate solutions.

“Internally, the information systems security manager needs to have the ability to communicate from the top down,” he says. “This person needs to help drive home the importance of security so everyone in the organization takes it seriously.”
Becoming an information systems security manager

For the information systems security manager role, employers typically seek professionals with a bachelor’s degree in information systems or a related field along with five or more years in systems and network security experience. Expert problem-solving skills are also highly valued.

Asdell adds that when it comes to working as an information systems security manager, credentialsare an important part of the job. He recommends information systems security managers earn the following certifications:
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
“If someone is interested in landing a job as an information systems security manager, that person should likely start off in a position with a highly credentialed auditing firm,” Asdell says. “The job should focus on IT and auditing. These skills cross over easily and allow people to dissect the inner workings of a company while refining their review and analysis abilities.”

Look to Robert Half Technology’s latest Salary Guide for job descriptions and starting compensation trends for a wide range of IT jobs—including information systems security manager.

*Information systems security manager starting salaries in Canada are projected to increase 6.7 percent in 2014 with a starting salary ranging from $104,250 to $136,250.



— Robert Half Technology

With more than 100 locations worldwide, Robert Half Technology is a leading provider of technology professionals for initiatives ranging from web development and multiplatform systems integration to network security and technical support. Visit our website at www.rht.com.

10 smartphone habits you should avoid

By Andrea Bartz and Brenna Ehrlich, Special to CNN
updated 12:00 PM EDT, Mon October 8, 2012 | Filed under: Mobile



A woman uses her smartphone as crossing street in Washington, DC, on May 9, 2012.
Editor's note: Brenna Ehrlich and Andrea Bartz are the sarcastic brains behind humor blog and book "Stuff Hipsters Hate." Got a question about etiquette in the digital world? Contact them atnetiquette@cnn.com.

(CNN) -- We begin this week's column with a stunningly beautiful quote from Anais Nin (brought to our attention by the inimitable siteBrainpickings). Read it slowly because it's that good.

(Yes, we're enculturating you in Netiquette. We can hear the shouty, complainy e-mails already.)

"The secret of a full life is to live and relate to others as if they might not be there tomorrow, as if you might not be there tomorrow. ... This thought has made me more and more attentive to all encounters, meetings, introductions, which might contain the seed of depth that might be carelessly overlooked.

"This feeling has become a rarity, and rarer every day now that we have reached a hastier and more superficial rhythm, now that we believe we are in touch with a greater amount of people, more people, more countries. This is the illusion which might cheat us of being in touch deeply with the one breathing next to us. The dangerous time when mechanical voices, radios, telephones, take the place of human intimacies, and the concept of being in touch with millions brings a greater and greater poverty in intimacy and human vision."

Nin wrote those words in 1946, but she might as well have been writing them today. She starts with a YOLO and ends with a contemporary-sounding rumination of just how horrible we've all become now that we hold the power to be in touch with millions of people in the palms of our hands.

That's right, we're talking about how annoying and rude and antisocial we've all become with our smartphones and tablets. As CNN investigates all the ways mobile devices are changing our lives, we'd like to peel our eyes off our glowing screens long enough to recount our top eight egregious handheld errors.

These are things you literally could not do before the www went mobile; now we're embarrassing ourselves all over the place. Please stop:

1. Drunk -tweeting, -texting, -Instagramming, etc.

Long gone are the days when the only witnesses to your inebriated ramblings were other bar patrons who also saw you stumble from your bar stool to the ground. Whether you're able to keep it together with spelling and syntax (in which case, you've just got the world going, "Wait, she wants to do WHAT to Paul Ryan?!"), or your typing skills erode quickly, alcohol and mobile devices don't mix.

2. Fooling around on your phone whenever you have a spare moment.

As writer Austin Kleon writes in his alarmingly cute book, "Steal Like an Artist," we need unstructured time for creativity to foster, down time in which we mess around and let our disconnected thoughts gel into cool ideas.

If you turn every spare moment (a red light, a line at the salad station, a ride in the elevator) into an excuse to check your Cinemagram feed, you just won't have those artistic a ha! moments. (And no, "Draw Something" doesn't count.)

3. Passive-aggressively whining for the whole world to see.

Look, we all have our personal stock of First World Problems, frustrated complaints with the minor injustices committed by a cruel, uncaring world. That's been true since the dawn of time. Now we just have myriad means of expressing them.

Nobody cares about your thinly veiled railings against your ex or roommate or employer, OK? Unless you've scribbled it on a notepad, in which case you should share it with the world. So that we can laugh at you.

4. Being really, really scared to actually use the phone.

Phones and tablets have made it oh so easy to communicate without using our voiceboxes. This is bad for relationships for oh so many reasons. Anais Nin would just hate it. Hit "dial" and enjoy the time-honored pas de deux of two humans, you know, talking.

5. Missing your favorite band's concert because you're so busy taking crappy photos, letting your phone ring and fiddling with your phone during the set.

Your hard-of-hearing, reformed punk-rock uncle was right: Concerts really WERE better back in the day, not necessarily because music really meant something, man, but because the audience actually paid attention and sang along and danced instead of holding their phones in the air and spending 30-plus seconds trying to find the shutter button on the front of the screen.

Your punkle would be so disappointed if he still made it out to shows today.

6. Texting salacious pictures.

The ritual sharing of NC-17 photos used to be a complicated analog affair involving Polaroids and furtive looks. Nowadays, people just drop trou, snap and send. Analyze THAT, Anais Nin.

7. Turning your friends into enemies with videos of them.

Camcorders have become tiny and discreet and as user-friendly as checking your e-mail. This is potentially bad news for those people you hang out with, as you hold in your hands a recording device that can humiliate them forever.

Set ground rules and roll the camera judiciously, lest you wind up publicly shaming a friend for her foul mouth, caught-on-film fart or unpopular political opinions.

8. Letting your seething anger leach out into the world at large.

Humans have always done stupid things when they're emotionally riled up. Now, those tantrums and rages and outbursts are shared and cached for the world to see. Take a deep breath and put down the smartphone.

9. Texting while walking.

Rarely does this go well. Whatever's so urgent can probably wait a few minutes. Or you can, you know, actually call the person (see No. 4).

10. Using your phone in the bathroom.

Don't. Just don't.

Hackers steal user data from the European Central Bank website, ask for money



Lucian Constantin
Jul 24, 2014 5:50 AM
PC World

Hackers have stolen user contact information, including email addresses and phone numbers, from the website of the European Central Bank and attempted to extort money from the institution.

The attackers exploited a vulnerability to access a database serving the ECB’s public website, the institution announced Thursday on its website. No internal systems or market sensitive data were affected, the ECB said.

The compromised database primarily contained contact information provided by users when registering for various ECB events and conferences. Most of the data was encrypted, but email addresses, phone numbers and street addresses were not, according to the ECB.

The database contained around 20,000 email addresses and a lower number of phone numbers and physical contact addresses, an ECB spokeswoman said Thursday. It’s not known at this time if the attackers copied the entire database or only parts of it, but 95 percent of the information in the database was encrypted, she said.

ECB learned of the breach late Monday night when it received an anonymous email from the attackers seeking financial compensation for the data.

The ECB has not and will not pay anything, the ECB spokeswoman said.

The incident was reported to police in Frankfurt, where the ECB is headquartered, and an investigation has been launched. The Frankfurt police did not immediately respond to an inquiry seeking more information about the extortion attempt.

The ECB has reset all user passwords on its website as a precaution and is contacting people whose email addresses and other data might have been compromised. The vulnerability exploited by the attackers has been identified and fixed.

Given that people typically interested in ECB events work in the financial industry, the stolen email addresses could prove a valuable resource for phishers.

The affected individuals could be at a higher risk of fraud and phishing attacks following this security breach, said Jon French, a security analyst at email and Web security firm AppRiver, via email. Personal information about the target could make a phishing attack more convincing than a random spam email. “Likewise the attacker could just attempt to use the gained personal data and attempt to use it to commit fraud.”

Extortion attempts using stolen customer data are increasingly common. In June, hackers threatened to release stolen personal information on more than 650,000 French and Belgian customers of Domino’s Pizza unless the company paid them 30,000 euros (over US$40,000).

“Unless we’re missing some important facts, it makes little sense for the ECB to pay a hacker money in this circumstance, as there’s no guarantee that he won’t also sell access to the data in addition to getting the ransom,” said Tim Erlin, director of security and risk at security firm Tripwire, via email. “Data isn’t the same as a physical object or person. It’s copied, not stolen.”

Information is Beautiful: Million Lines of Code Visualization

Nice graphic

Friday, July 25, 2014

RHT: Hardest IT Skills to Find? Soft Skills


by John Reed
July 24, 2014  Robert Half Technology


Developing your soft skills is as important as keeping your tech skills current.
I recently had the opportunity to participate in the Microsoft Worldwide Partner Conference in Washington, D.C.
The event was a great way to catch a glimpse of the future of technology from a tech giant’s perspective, while talking to technology leaders from across the globe.

As I talked to different individuals in the tech community, there was a central theme that continued to resonate around the types of team members they want to hire, but struggle to find: Soft skills are the clear differentiator among tech candidates.

Having the right technical skills are obviously important to do the job, but increasingly the sentiment I’m hearing at gatherings like this one is, “I can teach tech skills, but not soft skills.”

Employers are looking for the whole package. Here are some of the most common soft skills that IT leaders are seeking in their next hires:
  • Communication: The ability to communicate to non-technical people in the organization, understand the business needs and deliver that feedback clearly to the IT team.
  • Problem-solving: The ability to understand complex business issues and solve them through technology.
  • Collaboration: The ability to leverage the strengths and unique perspectives of others within the organization, and work together toward an agreed-upon solution.
  • Team-oriented: The ability to work effectively and thrive as a member of various work groups to bring greater value to the overall organization.
  • Creativity: The ability to find new and innovative approaches to performing the business at hand.
Again, it’s not that demand for tech skills is diminishing — quite the opposite, in fact. But tech skills don’t stand alone in the new world order. Organizations covet team members who bring a strong balance of technical and soft skills to create innovative teams that give them a competitive advantage in the marketplace.

As always, I want to hear your perspective and feedback on this topic in the comments section below.

Thank you.



— John Reed

John Reed is the senior executive director of Robert Half Technology. He can usually be found racking up frequent flyer miles each week traveling to RHT offices across North America and speaking to industry groups about technology hiring trends. When he’s not on the go, he serves as an armchair quarterback for the Oklahoma Sooners. Follow him on Twitter @JReedRHT.