CompTIA Security+™ and Your Career
CompTIA Security+™ and the US Department of Defense
In 2004, the US Department of Defense (DoD) established Directive 8570.1: Information Assurance Training, Certification and Workforce Management. It requires that all DoD Information Assurance technicians and managers are trained and certified. CompTIA Security+ is an approved certification that meets DoD requirements.
Visit the US Government resources page for more information.
CompTIA Security+ Benefits:
CompTIA Security+ is a solid credential that can be utilized in any industry.
U.S. Dept. of Defense and Directive 8570.1: U.S. DOD employees or contractors engaged in work related to information security are required to be certified, as specified in a list of certifications included in the DOD Directive 8570.1 manual, and CompTIA Security+ is one of the designated certifications.
Healthcare industry and HIPAA (Health Insurance Portability and Accountability Act): This Congressional Act of 1996 requires that standards be met in the security and privacy of data in the healthcare industry. One way that healthcare companies can demonstrate their compliance with the standards in this act is to verify certification of their network and information security staff.
Financial industry and Web-based attacks: The financial industry and its customers are vulnerable to attacks designed to gain access to personal account information. Those who provide network security are critical in this business, and the CompTIA Security+ certification is an assurance of baseline competency.
CompTIA Security+ validates your achievement in an industry-valued skill.
All industries need trained security professionals to combat hackers and security threats. CompTIA Security+ shows employers you can maintain the integrity of their business communications, infrastructure and operations.
CompTIA Security+ provides a viable career path and employers value certified professionals.
Nearly 33 percent of U.S. firms require a security certification, which has increased from only 25 percent in 2006 and 14 percent in 2005.
Summary of “Trends in Information Security: A CompTIA Analysis of IT Security and the
Workforce”Survey Information
About the Study
The annual CompTIA in-depth research study on IT security focuses on identifying key trends in IT security, quantifying current and future spending on IT security, assessing the costs associated with IT security breaches, understanding the causes of IT security breaches and impact of these breaches, and determining the effectiveness of IT security training and certification. More than two thousand IT professionals responsible for security at their organizations answered the questionnaire. Respondents were from the United States, Canada, the United Kingdom, and China and represented a wide range of industries including Education, Financial Services, Government, Healthcare, and IT.
Key Findings
Information security is seen as a key risk among firms, with 80% of US respondents indicating that it is considered top priority by management. Nearly two-thirds of US firms, more than half of UK and Chinese firms, and two-fifths of Canadian firms have implemented written IT security policies.
The most widespread threats in the US today stem from spyware, the lack of user awareness, and virus and worm attacks. Canadian organizations indicate riskier browser-based attacks and wireless networking security while Chinese organizations indicate significant threats from spyware, viruses, worms, and browser-based attacks.
The percentage of their IT budget that companies dedicate to security is growing year after year. In the US, companies earmarked 12% of their IT budget in 2007 for security purposes – up from only 7% in 2005. The bulk of these dollars are used to procure security-related technologies.
Companies spend substantial amounts on prevention because security breaches can be costly if they occur. In the past year, US firms shelled out an average of over $200,000 as a result of security breaches, a third of which was attributed to the loss of employee productivity. Moreover, in the last year in the US, Canada and UK, IT staff members spent over 10% of their time dealing
with security breaches, and in China, almost 20% of their time.
Nearly 60% of US companies require IT security training for IT staff and more than half make training available to non-IT staff. Companies are also increasingly requiring IT security certification. Nearly 33% of US firms make certification required now compared to only 25% in 2006 and 14% in 2005. However, a full 78% of organizations in China require certification.Security training has saved US organizations upwards of $2.2 million in total, much of which is due to a reduction of server/network downtime and fewer impacts to employee productivity. Likewise, the provision of IT security certification has saved US companies over $675,000 in total for similar reasons.
Complete reports, white papers and Web poll results are available to CompTIA Corporate Members. Use the ‘Member Login’ box on the left to access all of CompTIA research, or click here if you have forgotten your username or password. The information contained throughout the studies is proprietary to CompTIA. Small segments may be quoted if proper citation is made. For more information please contact research@comptia.org.
What is CompTIA Security+?
CompTIA Security+™ certification is an internationally recognized
validation of the technical knowledge required of foundation-level
security practitioners. CompTIA Security+ candidates will have a minimum of two
years experience in networking with an emphasis on security. They should also
have prepared using adequate study materials or formal training. The objectives
of the CompTIA Security+ exam were derived through input from industry,
government and academia, through a job task analysis and a survey of more than
300 organizations with participants from 26 countries.
What the Industry is Saying About Security+
“A security manager can’t go wrong having their entire staff CompTIA Security+
certified, including the help desk. It gives them a broad based common level of
knowledge. It allows a level of communication that would not otherwise be
there. CompTIA Security+ is a logical stepping stone – management should
require it for every sensitive position.”
