We get a lot of questions about cybersecurity, and with the new transitional SOC 2010 codes, which are part of our 2012.3 data run, we can start to offer better answers. The occupation that provides the nearest approximation to cybersecurity is information security analysts (SOC 15-1179).
Before we get to key data for this occupation, we want to spend some time unpacking an important change in the SOC system.
Earlier this year we wrote about how we are switching to the SOC 2010 system. As we summarized then, here’s how the changes are getting rolled out to our clients:
- Detailed data in “true” SOC 2010 codes will not be available until May 2013; 10-year projections not until early 2014;
- In the meantime, source data has become available in “transitional”/nonstandard SOC 2010 codes;
- EMSI plans to move to standard SOC 2010 by early 2014.
It is important to emphasize there are currently no data sources from the BLS coded in standard SOC 2010, and none will be available until May 2013. Instead, we are using a distinct set of “transitional” codes that are neither standard SOC 2000 nor standard SOC 2010. Most of the transitional categories (see here for the full list) are simply aggregations of related codes in the standard 2010 system. These same transitional codes are also used in the new 2010-2020 employment projections, which were released on February 1, 2012.
The BLS has further important details on this transition:
With a few exceptions, almost all the occupations are the same in the 2000 and 2010 occupational classifications systems, or occupations could be combined in one year to be the equivalent of an occupation in another year. Whenever possible, the 2010 occupation was used in estimation. However, there were several cases where occupations from the two structures had to be combined into a hybrid occupation, used temporarily in OES only. The starting point for combining data collected under both systems was the SOC crosswalk (see http://www.bls.gov/soc/). The full set of occupations for 2010 and the occupations on which they are based is available for download here.
Case Study: Information Security Analysts
So, with this in mind, let’s take a closer look at information security analysts, one of the transitional codes where we see several occupations combined into one. This means it doesn’t have an official long-form description yet, but rather several occupation descriptions are used in an aggregate classification. Here are the codes that are incorporated:
- SOC 15-1122 – Information Security Analysts: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
- SOC 15-1134 – Web Developers: Design, create, and modify Web sites. Analyze user needs to implement Web site content, graphics, performance, and capacity. May integrate Web sites with other computer applications. May convert written, graphic, audio, and video components to compatible Web formats by using software designed to facilitate the creation of Web and multimedia content.
- SOC 15-1143 – Computer Network Architects: Design and implement computer and information networks, such as local area networks (LAN), wide area networks (WAN), intranets, extranets, and other data communications networks. Perform network modeling, analysis, and planning. May also design network and computer security measures. May research and recommend network and data communications hardware and software.
From 2009-2012, information security analysts added more than 15,000 new jobs, which amounts to 5% growth. The average wage is $36 per hour and there are now nearly 314,000 of these jobs in the U.S.
Below we have included a trend line to show the projected growth. California’s growth in information security analysts has outpaced Washington, D.C.’s and the nation’s. Both California and D.C., meanwhile, have a larger share of these jobs than the national average because of the high concentration of tech and federal government.
We see a lot of diversity in the educational attainment breakdown for this occupation. Most information security analysts have a bachelor’s degree (43%). After that, 22% have some college, but no degree, 13% have an associate’s degree, 13% have an advanced degree, and 8% have a high school diploma (or equivalent).
It’s no surprise that Virginia, Washington. D.C., and Maryland have the highest concentration of information security analysts. Virginia, in particular, dwarfs every other state with a concentration more than twice the national average (2.41). The presence of the federal government is surely driving the growth in northern Virginia and the D.C. area, but there is a tricky data element that hinders how well we can understand this. The feds, while being very good at tracking, producing, and reporting data for other industries, aren’t quite as good at doing this for their own operations. As a result, we can’t clearly understand how the federal government is staffing these workers.
Here are a few other things to note:
- Wages in the Virginia, D.C, and Maryland area are quite high — the highest in the nation in fact.
- California, New York, and Texas have added the most jobs since 2010.
- Washington, Massachusetts, Delaware, Florida, New Jersey, and Minnesota also have concentrations higher than the national average.
|State Name||2009 Jobs||2012 Jobs||Change||% Change||Median Hourly Earnings||2009 National Location Quotient|
|District of Columbia||2,589||2,799||210||8%||$41.48||1.71|
Information security analysts is clearly a growth occupation, and as time marches, we expect the data and classification structure for this occupation will improve. This sort of analysis also helps us gain a healthy assessment of an “emerging occupation,” which is just another way of saying it helps us keep from making hasty decisions about over-deploying education and training programs. This has ramifications on colleges and universities that feel pressure to add new educational programs. Five percent growth and 15,000 new jobs nationwide is good, but not huge by any means. Every college and university out there shouldn’t necessarily be starting cybersecurity programs and overtraining for a sector that is just starting to grow.
Virginia, D.C., Maryland, California, Texas, and New York seem to have the best justification for considering programs in this area, but again, before lots of investment is made, it is important to research what the labor market is doing and how demand is shaping up in coming years. The only thing that might be needed to adequately respond to the present demand is to tweak existing programs.
Lastly, we hope this has been a helpful post on how to interact with transitional occupation codes. When the economy is experiencing such flux and redefinition, adjustments like this, while hard to understand, are necessary. The data and classification process will get better, as will the job numbers and definitions. For now, this is what we have to work with.
This is also an area where EMSI can help. There is a lot we can do to help you interpret and understand these transitional codes. If you have questions, please let us know.
Data and analysis from this report came from Analyst, EMSI’s web-based labor market tool. Please contact Rob Sentz (firstname.lastname@example.org) if you have questions or comments. Follow us @desktopecon.