Janco has just released it 2018 IT Salary and has identified the top 10 IT Jobs in high demand. While the overall median salary for IT professionals now is over $90K, these in-demand jobs command more. (FYI full job descriptions for the top 10 jobs are contained in Janco IT Job Descriptions HandiGuide)
Big Data Programmer/Analyst – $135K to $196K . A big data programmer/analyst’s job is to turn these mountains of data into actionable insight. Exponential data growth is a reality and will double every two years at least, representing massive growth from 2010 to 2020.
Data Scientist – $116K to $163K. A Data Scientist interprets, analyses, and scrubs data at an advanced level.
Database Specialist – $108K to $161K. A Data Specialist selects and implements database solutions.
Data Security Analyst – $118K to $169K. A Data Security Analysts are cybersecurity professionals who manage security software, instruct users on best practices and ensure the enterprise system is free of breaches.
Software Programmers – $93K to $155K. Software developers create, advance and maintain web, mobile and systems applications. Skills in demand are included C++, iOS, and Android.
Software Engineers (System Programmers) – $108K to $166K. Software engineers create advanced-level applications for computer systems, web applications, and mobile devices. These IT professionals are experts in both code and computer science.
Web Designers – $70K to $118K – Designers, unlike their non-tech colleagues, leverage both their creativity and coding skills to create full stack websites. These technology mavens are experts at creating more meaningful user experiences with advanced coding, leading to higher conversions and better traffic data.
Wi-Fi and LAN Network Engineers – $99K to 146K. Network engineers make enterprise operations work by designing, managing and securing complex infrastructures.
Network Security Administrators – $107K to $155K. Network Security Administrators use their extensive knowledge of networks to provide security to complex infrastructures. Their primary focus is combating phishing scams, ransomware, and other hacking attempts by cybercriminals.
Network Security Engineer $115K – $162. Network Security Engineers are responsible for implementation, maintenance, and integration of the corporate WAN, LAN and server architecture.
10 Security Assessment Questions 10 Security Assessment Questions Security Assessment Questions To stop a breach tomorrow, what does the enterprise need to differently today? Does the enterprise know if...
Failed Business Continuity – This morning about 2:00 AM MST one of the largest providers of cloud services went down. As I write this it is 11:30 AM MST and the service is still down.
It seems that their entire network – both the east coast and west coast is down. I talked to their corporate office and at this time they have no idea as to when they will be back up and at the same time the person I talked to said he did not know what their business continuity plan was since this was a nation-wide failure in their network.
They should have followed the 10 commandments that we published earlier.
Analyze single points of failure: A single point of failure in a critical component can disrupt well engineered redundancies and resilience in the rest of a system.
Keep updated notification trees: A cohesive communication process is required to ensure the disaster recovery business continuity plan will work.
Be aware of current events: Understand what is happening around the enterprise – know if there is a chance for a weather, sporting or political event that can impact the enterprise’s operations.
Plan for worst-case scenarios: Downtime can have many causes, including operator error, component failure, software failure, and planned downtime as well as building- or city-level disasters. Organizations should be sure that their disaster recovery plans account for even worst-case scenarios.
Clearly document recovery processes: Documentation is critical to the success of a disaster recovery program. Organizations should write and maintain clear, concise, detailed steps for failover so that secondary staff members can manage a failover should primary staff members be unavailable.
Centralize information – Have a printed copy available: In a crisis situation, a timely response can be critical. Centralizing disaster recovery information in one place, such as a Microsoft Office SharePoint® system or portal or cloud, helps avoid the need to hunt for documentation, which can compound a crisis.
Create test plans and scripts: Test plans and scripts should be created and followed step-by-step to help ensure accurate testing. These plans and scripts should include integration testing silo testing alone does not accurately reflect multiple applications going down simultaneously.
Retest regularly: Organizations should take advantages of opportunities for disaster recovery testing such as new releases, code changes, or upgrades. At a minimum, each application should be retested every year.
Perform comprehensive recovery and business continuity test: Organizations should practice their master recovery plans, not just application failover. For example, staff members need to know where to report if a disaster occurs, critical conference bridges should be set up in advance, a command center should be identified, and secondary staff resources should be assigned in case the event stretches over multiple days. In environments with many applications, IT staff should be aware of which applications should be recovered first and in what order. The plan should not assume that there will be enough resources to bring everything back up at the same time.
Defined metrics and create score cards scores: Organizations should maintain scorecards on the disaster recovery compliance of each application, as well as who is testing and when. Maintaining scorecards generally helps increase audit scores.
Top 10 Disaster Recovery Best Practices As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help them plan, design, and implement disaster recovery strategies that...
Credit card chip usage improves the security landscape
Required for compliance
Merchants pay a lower fee
Physical card is required for in-store transactions
Credit card chips reduce counterfeit card fraud: Countries that have been using chip cards for many years have seen significant reductions in counterfeit card fraud. In the UK, for example, counterfeit card losses have been reduced by 70%.
An increased number of chip cards in consumers’ possession: over 600 million chip cards have been issued in the U.S. as of the end of 2016.
Majority of all retail outlets now accept chip cards: almost 90% of all travel, entertainment, and high-cost retail operations accept chip cards
Swipe and insert versus manually keying in card information is more accuracte
Daily settlement of transactions for merchants
Get accurate customer information: For online transactions validate customers’ billing and address information is entered correctly.
10 Question Security Assessment Process for CIOs and CSOs
10 Question Security Assessment Process is a way for CIOs and CSOs to quickly identify risks that they need to address.
What does the enterprise need to differently today in order to stop a breach tomorrow?
Does the enterprise know if the company has been breached? How does it know?
What assets are protecting, what are they being protected from (i.e., theft, destruction, compromise), and who are they being protected them from (i.e. cybercriminals or insiders)?
What risks does the enterprise face if it is breached (i.e., financial loss, reputation, regulatory fines, loss of competitive advantage)?
Does the enterprise’s IT security implementation match the enterprise’s business-centric security policies?
Are formal written policies, technical controls or both in place? Are they being followed?
What is the enterprise’s security strategy for IoT?
What is the enterprise’s security strategy for BYOD and “anywhere, anytime, any device” mobility?
Does the enterprise have an incident response plan in place?
What is the enterprise’s remediation process? Can the enterprise recover lost data and prevent a similar attack from happening again?
Supports Meaningful Use Compliant Stage Implementation – Meets HIPAA Ransomware Guidelines — Comes in eReader, MS Word, and PDF formats. Includes 24 Electronic Forms that are ready to use and User Bill of Rights for Sensitive Data and Privacy
10 Security Assessment Questions 10 Security Assessment Questions Security Assessment Questions To stop a breach tomorrow, what does the enterprise need to differently today? Does the enterprise know if...
IT Security Decision Process IT Security Decision Process The IDG Enterprise Role & Influence of the Technology Decision-Maker survey helps CIOs understand their evolving roles and influence in today’s...
Risk Assessment Methodology Risk Assessment Methodology Risk Assessment Methodology extracted from Janco’s Security Manual Template — Risk management is a process to identify, assess, manage and control potential events...
Wet objects (electronic) – Disconnect from the power source and do not turn it on. In the case of disk drives or other electronic storage devices – inventory all of them and label them.
Mobile Devices – cell phones – Small items like cell phones and mobile devices can be put in rice. The rice absorbs the moisture and after a day or two, they can be turned on. In most cases, this works.
Wet objects (non-electronic) – Rinse with clear water or a fine hose spray. Clean off dry silt and debris with soft brushes or dab with damp cloths. Try not to grind debris into objects; overly energetic cleaning will cause scratching.
Drying Objects – Air dry objects indoors if possible and use portable fans to move the air. Sunlight and heat may dry certain materials too quickly, causing splits, warping, and buckling. If possible, remove contents from wet objects and furniture prior to drying. Storing damp items in sealed plastic bags will cause mold to develop.
Mold Prevention and Cleanup – Exposure to molds can have serious health consequences such as respiratory problems, skin and eye irritation, and infections. The use of protective gear, including a respirator with a particulate filter, disposable plastic gloves, goggles or protective eye wear, and coveralls or a lab coat, is therefore essential. In order to inhibit the growth of mold and mildew, you must reduce humidity. Increase air flow with fans, open windows, air conditioners, and dehumidifiers. Moderate light exposure (open shades, leave lights on in enclosed areas) can also reduce mold and mildew. Remove heavy deposits of mold growth from walls, baseboards, floors, and other household surfaces with commercially available disinfectants. Avoid the use of disinfectants on historic wallpapers. Follow manufacturers’ instructions, but avoid splattering or contact with objects and wallpapers as disinfectants may damage objects.
Broken Objects – If objects are broken or begin to fall apart, place all broken pieces and detached parts in clearly labeled, open containers. Do not attempt to repair objects until completely dry or, in the case of important materials, until you have consulted with a professional conservator.
Paper Materials – Documents, books, photographs, and works of art on paper are extremely fragile when wet; use caution when handling. Free the edges of prints and paper objects in mats and frames, if possible. These should be allowed to air dry. Rinse mud off wet photographs with clear water, but do not touch surfaces. Wet books and papers should also be air dried or kept in a refrigerator or freezer until they can be treated by a professional conservator.
Office Furniture – Furniture finishes and painting surfaces may develop a white haze or bloom from contact with water and humidity. These problems do not require immediate attention; consult a professional conservator for treatment. Textiles, leather, and other “organic materials will also be severely affected by exposure to water and should be allowed to air dry. Shaped objects, such as garments or baskets, should be supported by gently padding with toweling or unlinked, uncoated paper. Renew padding when it becomes saturated with water. Dry clean or launder textiles and carpets as you normally would.
Art Work – Remove wet paintings from the frame, but not the stretcher. Air dry, face up, and away from direct sunlight.
Metal Objects – Rinse metal objects exposed to flood waters, mud, or silt with clear water and dry immediately with a clean, soft cloth. Allow heavy mud deposits on large metal objects, such as sculpture, to dry. Caked mud can be removed later.
Minimize breach response cost with operational strategy
While the costs of a data breach can vary widely on a case-by-case basis, CIOs who understand the drivers behind the expense will be better positioned to take steps needed to protect their organization.
Here are 6 way to minimize breach response cost:
Eliminate data you do not need.
You can potentially dramatically reduce your exposure by destroying records of past customers. You cannot lose data if you do not save it. In 2015 one company served 69 million customers, yet when they were breached that year, they exposed 78 million records. The extra nine million records most likely come from former customers. Each of these individuals had to be notified and offered credit monitoring, driving up costs.
Do not store street address if there is no real business requirement.
When a breach occurs, companies are typically required to notify affected individual via old-fashioned, handwritten “snail mail.” But they can use alternative methods of notification, such as email or public announcement if they do not have a valid mailing address. Physical, written notifications can cost up to $2 per person, and the cost quickly adds up. It may be worth asking twice what the business need for those customer addresses is and considering not capturing these addresses to reduce the exposure to notification requirements.
Utilize logs to prove proof a breach or data loss did not occur.
One industry study shows that in 44% of incidents, public notification is not required. To avoid notification, companies must prove that, even if they were attacked, no records were improperly accessed. To do so, they use systems logs. Without logs, a company may be forced to assume a breach occurred because it cannot prove otherwise.
Follow PCI rules and protect credit card data.
For breaches that involve credit card data, reimbursing card companies for fraudulent transactions can amount to a staggering cost, from $3-$30 or more per card. New chip cards are designed to reduce fraud, and early data show they are having the intended effect – MasterCard reported a 54% reduction in counterfeit card fraud costs at retailers who have switched to chip cards.
Use experts who know the breach response landscape.
Your breach response effort is not a good time to reinvent the wheel. Missteps happen fast and have serious consequences. Credit monitoring alone can cost $5 to $30 per person. Data breach specialists, such as PR consultants or data privacy lawyers, often have seen as many as hundreds of data breaches and are highly practiced at helping you craft a genuine story that keeps confusion – and costs – down.
Be prepared for additional audits and compliance reviews.
In the wake of a breach, a company may be audited and investigated by a number of regulatory agencies. While it’s not guaranteed to occur, it is likely, and there are simple steps you can take to prevent sensational fines if it does. To start, CIOs and CFOs should be strong advocates for the implementation of the security controls recommended by external auditors or by regulators themselves.
Chief Digital Office (CDO) & Chief Mobility Officer (CMO) Hot C-Level Jobs
Top 5 Hot Jobs – CDO & CMO Hot C-Level Jobs that are not only new but also hot. In the case of Chief Digital Officer (CDO), we have found that one in five companies now have some in that role. In addition, half of those enterprises hired the incumbent in the last 12 months. The case is not quite as strong for the Chief Mobility Officer (CMO) as we found that only one in ten organizations have an individual other that the CIO assuming those responsibilities.
Many of the hot new jobs often report to the operational side of the business, instead of the traditional IT organization under the authority of the CIO. Part of the reason for that is that almost half of all IT functions report up thru the financial side of the enterprise, not the operational side.
The five hot new jobs are listed below and have links to pages describing the major roles and responsibilities they have:
All of these jobs have one thing in common. They are addressing the issues, roles, and responsibilities of the new age marketplace. Without the Internet, e-commerce, and mobile users there would be no need for these positions.
But, as it is these are the new jobs that have been created by these new technologies and changes that have taken place.
Telecommuting Top 10 Reasons Why include the following:
Flexible Work Hours – If employees telecommute then their schedules become more flexible.
Reduce costs – telecommuters can save money on transportation costs such as gas, parking, public transportation, work clothes, and dry cleaning bills. Employers can save money by reducing overhead and retaining employees.
Ease the strain on employees -telecommuters have greater flexibility to plan non-work-related activities around their business schedule instead of searching for the time in the early morning, late evening, or during lunch.
More Productive – telecommuters will save the time they now take to commute to their place of employment.
Minimize Non-Work Distractions – At times employees in an office setting can be distracted from their work by untimely interruptions from peers, impromptu meetings, or pulled away onto other projects. Telecommuters may find themselves more productive.
Better Morale – Working from home usually means telecommuter have more time with their family.
Green Solution – Working from home part or full-time reduces the auto emissions and decreases gas consumption.
Stay Healthy – Working from home decreases the stress caused by inflexible hours, commuting time and costs, continual rushing to unmet family needs, sitting idle during a commute and provides time to exercise or pursue endeavors of particular interest to you.
Potential Tax Deductions – Income deductions are available for home-based work-related expenses such as fax, scanner, phone, computer and office supplies.
Reduce the Need for Outsourcing – Working from home helps keep jobs domestic and reduces need or desire for business and industry to contract with other countries for work that can be done at sites other than the main office.
Labor Force Participation Plummets Labor Force Participation Plummets In April of 2014 the work force participation percentage of all employees (male and female) fell dramatically to 62.8% as 800,000...
About CIO blog has proven tips and tools. This blog is intended for the CIO and IT Managers. The blog discusses Disaster Recovery Planning, Business Continuity,...
Productivity Improved By Telecommuting A growing number of enterprise employees are telecommuting – ranging from ad hoc work from home due to temporary family situations to full-time telework/home work...
10 steps to a raise is a program that anyone can follow. They are easy and something that IT pros (and others) can implement fairly quickly. However the results may take some time.
Make users love you
Understand where the CIO and company are moving
Learn how to implement and apply the latest technology
Get certification or first hand experience
Market your skills
Have and use the latest technology and tools
Provide peers with insight and training on your area of expertise
Fit into the organization as a team player
Be a focal point in the latest technologies
Network with IT Pros in other organizations that have the same technical responsibilities
Janco and eJobDescription.com has conducted salary surveys of the IT Job market since 1989. The data from this survey has been published in the Computer Industry Almanac, the Wall Street Journal, the New York Times, eWeek, and many other business and industry publications. In addition over the years it has been featured on CNN, the Wall Street Journal, and several national and international media outlets.
The salary survey is updated twice a year; once in January and then again in July. Janco and eJobDescription.com not only look at base salaries, they also report on total compensation.
Women CIOs hold over 20% of all CIO roles according to data analyzed by Janco Associates
Women CIOs – In the process of capturing public data on CIO compensation, Janco has found that well over 1 out of 5 CIOs is a women.
According to the CEO of Janco Associates, at least two thirds of large public companies doing CIO searches require the recruiter to include women in the candidate pool. Further, when “all else is equal”, between a male candidate and a female one, companies are tending to choose the latter specifically to enhance the diversity of perspectives on the management team.
Unfortunately, even with this data, there are still too few women in senior, experienced roles to populate the candidate pools of all diversity-minded companies. So it’s not enough to decide at the CIO level to hire a woman. The relevant decisions must be made and opportunities offered earlier, at the developmental stage of potential finance leaders.
Companies need to provide more mentors who can share wisdom about things like where to invest time and ways to be motivated.
For those with leadership potential who prioritize family and stability over always making the best career move, the path to the C-suite may be inherently more difficult in CEO and finance than in other functions, like IT and human resources.