Not long ago, I was talking with a CTO in Washington, D.C., who commented on how much security had been ratcheted up around the Capitol. Walk up to the building and ask to go inside, and a guard will raise his eyebrows and say, “Oh, no.”“Security here has made a 360-degree turn,” said this CTO, a longtime resident of the area. What he meant, of course, was that security has taken a 180-degree turn. But sometimes the things you don’t mean to say are closer to the truth.It’s not just physical security that has turned around since Sept. 11. While the overall IT sector is in the dumps and more people are getting laid off every time you blink, in the security world, the rule seems to be “make hay while the sun ain’t shining.” Every way you count the change, security spending is up.According to a recent survey from Metricnet, prior to Sept. 11, only 18 percent of companies were spending more than 5 percent of their IT budget on security. As of Nov. 13, 33 percent had decided to spend at least that much on security. Even as IT budgets are getting squeezed, funds are being redirected to information security. Looking for venture capital? Just toss the word security into the business plan for a wireless company. “You can be sure that the money will continue to flow into wireless security,” predicts Red Herring magazine.Salaries are still sunny too. While many other IT salaries are declining, the annual base salary for directors of security has risen more than 10 percent in the past year, from $108,000 to almost $120,000, according to a Foote Partners IT salary survey. And those numbers show no sign of declining. “Security is a maturing market,” says David Foote, cofounder of Foote Partners. “When you see an immature area of IT grow, that’s when you see salaries go up.” That’s a good thing. Somebody needs some good news, and information security is still woefully underfunded. The question is, How long will this push for increased security last?In our Nov. 15 issue, security guru Bruce Schneier called America “a bright-shiny-object sort of culture.” (See “Where Do We Go From Here?”) “We’ll talk about whatever the bright shiny object is, and if the bright shiny object changes next month, we’ll talk about that,” Schneier said. “Right now, security is important. But will anything change? Who knows? Ask me in six months.”I’m asking you today. Are you trying to get funding for security now, before we turn another 180 degrees, or is this the beginning of a more secure digital world?And will I ever set foot in the Capitol again? Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe