And the salaries being paid to security professionals continue to "show that security skills are highly valued," Paller said. Nearly 40 percent of the respondents to the SANS survey said they earned more than $100,000 annually, while only 1.65 percent said they were being paid less than $40,000 per year. Even those with less than three years of experience reported earning an average salary of almost $72,000, according to the SANS report, which notes that security salaries generally appeared to be highest on the West Coast.
Meanwhile, Vero Beach, Fla.-based Foote Partners says in its report that it has noted a continuing steady increase in the total amounts companies are willing to pay certified IT security professionals. The increases are still coming even as the average amounts paid to IT pros with 175 other tech certifications have continued a decline that began in 2006, according to Foote.
The consulting firm tracks the pay premiums earned by more than 22,500 IT workers and provides quarterly updates on its findings, breaking out the results on the basis of 354 different skills and certifications. In 2007, "we started to see a real uptick in spending for security labor," said David Foote, the firm's founder and CEO.
Over the last six months of 2008, employees with security certifications saw a 2 percent increase in the premiums that companies were willing to pay them above and beyond their basic salaries, Foote said. He added that such premiums have risen by an aggregate of about 3.4 percent over the last 18 months.
The security certifications that are attracting the largest premiums include ones related to network and wireless security, incident handling and ethical hacking, Foote said. However, interest in workers with security management certifications -- including the popular Certified Information Systems Security Professional and Certified Information Systems Auditor ones -- appears to have cooled off a little bit, based on the latest statistics gathered by Foote.
Computerworld is an InfoWorld affiliate.