CIOs expect an uptick in hiring in the second quarter, according to the latest Robert Half Technology IT Hiring Index and Skills Report.

The Robert Half study found that 9% of tech execs plan to add IT staff while only 4% anticipate letting folks go.

That 5% increase is up two points from the first quarter’s forecast and three points higher than the year-ago projection.

The IT Hiring Index and Skills Report is based on telephone interviews with more than 1,400 CIOs from companies across the U. S. with 100 or more employees. It was conducted by an independent research firm and developed by Robert Half Technology, a leading provider of IT professionals on a project and full-time basis.

Even better than those numbers was the overall confidence expressed by many top techs. Their responses included:

• Nearly 80% of technology executives expressed confidence in their companies’ prospects for growth in the second quarter.
• The net 5 percent increase in hiring activity that is forecast marks the second consecutive quarter in which hiring expectations have risen.
• Recruitment and retention are emerging as concerns for IT executives.
• CIOs in the nation’s central regions — West South Central, West North Central and East North Central — forecast the strongest IT hiring activity.

“Executives are showing early signs of optimism in their business and hiring outlook,” said Dave Willmer, executive director of Robert Half Technology. “Recruiting efforts are focused in areas such as networking and desktop support, which help keep hardware and software running effectively, and facilitate the implementation of new technologies.”

Click here to read the free whitepaper.  

Click here to download the free whitepaper.  

Interested in hanging onto your IT job? For a lesson in how to lose it, consider the plight of Pennsylvania’s Chief Information Security Officer (CISO) who got canned after four years on the job for allegedly speaking in a public forum about a security breach of the state’s online drivers’ test scheduling system.

The firing’s sent shock waves through the ranks of high-level government IT folks and plenty of corporate folks who are contending with short staffs and budget cuts while trying to keep systems operational and safe.

Robert Maley lost his job as Pennsylvania’s CISO early last week. A source close to the matter told Computerworld that the firing was the result of Maley’s participation in a panel discussion at last week’s RSA security gathering.

At the conference, Maley talked about a recent incident in which a Philadelphia-area driving school managed to get access to the Department of Transportation’s online driver’s test scheduling system. How? According to Maley, the school’s cyber experts exploited a system “anomaly.”

Once the school had access, it scheduled some of its paying customers for driver’s license exams by bumping others who were already assigned time slots. Having the ability to give students preferential scheduling for their exams could obviously give the school an edge over its competition.

Maley’s mistake: He didn’t get permission to talk about the incident first.

Pennsylvania insists that employees get the OK from superiors before they divulge anything about state business.

Some are speculating that Maley’s disclosure might jeopardize a criminal investigation into the incident, but others believe the punishment’s way too harsh for talking about  something that should be shared among security experts.

While most state governments and nearly all corporations have some kind of vetting process for employees who’ll be speaking with the press or making public statements, the idea of firing an employee for talking among peers about issues of common interest seems to have blurred the lines for many.

If the exploit was a new or particularly insidious one, it can be argued that other security chiefs should know about the danger and how hackers could attack their own systems.

And since this was a government agency — and its employees work for the public — it can also be argued that the public has the right to know about compromises to public systems.

Some are wondering why the attack on the Department of Transportation’s computer system wasn’t already reported to the public and whether Maley’s firing wasn’t an attempt to cover up the department’s problem.

To make matters seem even worse, Maley’s firing has happened while the state is struggling — like most — to balance its budget. Part of the balancing act has involved ongoing budget and staff cuts at Pennsylvania’s IT security organization. Over the past 18 months to two years, the administration has cut information security budgets by close to 38%, and staff by 40%.

Fewer security folks could mean that state systems are more vulnerable to attack — something nobody in the upper offices of state government wants a security chief to be telling the public.  But does the public have a right to know that its government’s computers are open to attack?

And since nobody in the state government will discuss Maley’s departure — except to confirm that the man once nominated by a security industry publication as security exec of the year is gone from state government — all these questions go unanswered, for now.

What’s your take on the situation? Should Maley have been fired for talking in public about the incident?

A British man recently did when his ex-girlfriend took him to court over an offensive post he made about her on Facebook.

Darren Mattox, a 29-year-old fellow from Wrexham, Wales, admitted in court that he’d written something “grossly offensive or of an indecent, obscene, or menacing character” about a Facebook friend who happened to be his ex-girlfriend.

The couple’s hard feelings apparently have to do with their son and his father’s visitation.

But private communication is one thing and name calling in a public forum are quite another. Now Mattox has to pay a $250 for his defaming words.

Writing or saying nasty things about people who aren’t public figures can get you in hot water in many places — not just the U.K. American libel laws and the litigious nature of U.S. culture means that anyone would be wise to take care what they post about another person on social networking sites.

While the law allows a fair amount of freedom to take pot shots at celebrities, political figures and others who have a public profile, ordinary citizens have some protection by law from being defamed in a public arena.

And once you post something derogatory on a social networking site, the comment can become viral very quickly and easily.

And by help, we mean the FCC will give you a way to test your speed using a tool on their Web site here. So now, if you’re paying your ISP to deliver a certain speed, there’s a way to check — using a government site — to see if you’re getting what you paid for.

The FCC has added the tools to the Broadband.gov Web site not only to help users measure their broadband speeds. The site also gives you a button to click for reporting that you don’t have broadband available.

The new test tools are called, respectively,  the Consumer Broadband Test and the Broadband Dead Zone Report to Broadband.gov. Both are free.

The Consumer Broadband Test measures broadband quality indicators like upload and download speeds,  latency and jitter. The test takes about a minute and when the results come back, the report tells you what upload and download speeds, latency and jitter mean. They also report your speed to the FCC — and for that, you’ll have to give them your address, or you won’t be able to use the tools.

What the report won’t tell you is how fast your connection should be or what kind of speed other users get with their broadband connection. It also won’t tell users who don’t know a kilobyte from a megabyte how to tell the difference between the two, or if jitter and latency actually matter. (IT pros won’t have a problem with this, but their users might.)

The tools don’t work with Safari, Opera and Chrome Web browsers. Java’s required to run the test, but if you don’t have it, the site let’s you download it right then and there.

There’s also a mobile version of the app called, somewhat appropriately, “FCC Broadband Test”. This is  the first mobile app released by the FCC, and it’s available (free) through the Apple and Android app stores.

PayPal thinks they may have found one and they’re recommending it to their users. The online payment service  says Iconix eMail ID can protect customers by visually identifying genuine messages. Once a customer installs the software, they’ll see an icon (a gold lock with a check mark) next to a PayPal logo whenever they receive authentic e-mail messages from the firm.

The free program works with most of the major e-mail services like Gmail, MSN Hotmail, Windows Live Hotmail, Yahoo Mail, Outlook and Outlook Express.

Check out the PayPal notice to users here

Here’s a link to the Iconix site where you can download the free software.

Everybody knows sex sells, and sex online sells as well as well as any place. But the real test: How much will the ultimate online address “sex.com” sell for on the open market?

We’ll soon find out. Sex.com, a domain name that’s believe by many to be the Web’s most valuable address, will be auctioned off next month.

The sale is the result of what’s driving a lot of fire sales these days: foreclosure.

DOM Partners LLC, a New Jersey lender that backed the 2006 purchase “sex.com” for a reported $14 million, is foreclosing on the Internet property in a March 18 at New York law firm Windels Marx Lane & Mittendorf LLP.

The Web site once made at least $15,000 per day, according to a 2008 book, The Sex.com Chronicles, by attorney Charles Carreon who has represented a former owner of the site.

In January 2006, Escom LLC acquired the domain name from Gary Kremen, founder of dating website Match.com and chief executive of Grant Media. Kremen registered the sex.com domain name in 1994.

Escom LLC is reportedly to be in default on financing it got from DOM Partners.

As for the auction, the opening bid is $1 million and you’ll need a certified check for that amount to get in on the action.

Oh, and the folks who are running the auction say they’ll take online bids. Of course.

Here’s how it works: You download the free app to your mobile phone. Then you visit one of the project’s retail sponsors and “check in” using your phone. No need to buy anything, no need to even talk to a sales rep.

The app registers your presence and awards you good “karma” points, which you accumulate and donate to the nonprofit of your choice. Users are encouraged to spread the word about their good works via social networking sites such as Facebook.

Proctor and Gamble said it will give users karma points for scanning the bar codes of 27 products, like toothpaste or face cream. And now Citi is expanding its support of CauseWorld. It’s adding two micro-finance outfits to the list of charities that can receive users’ karma points.

The app also lets you create a profile and earn different levels of merit for using the software and helping the world.

Most important of all, the 300,000 downloads of CauseWorld have caused investors to flock to the company’s developers. Now that’s how to raise money.

The CauseWorld App is available for free from the App Store on iPhone or  here.

The warning is part of the software giant’s emerging reaction to an unpatched vulnerability that hackers could exploit to hijack PCs that run Internet Explorer.

Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer.

But good news for Vista and Win7 users: Their investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista or Windows Server 2008.

The main impact of the vulnerability is remote code execution.

The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed.

On systems running Windows Server 2003, Internet Explorer Enhanced Security Configuration is enabled by default, which helps to mitigate against this issue.

Until a patch is ready, users can protect themselves by not pressing the F1 key if a Web site tells them (repeatedly) to do it.

Another workaround: Disable Windows Help by modifying the ACL on winhlp32.exe to be more restrictive on Windows 2000, Windows XP and Windows Server 2003 by running the following command from an administrative command line:

echo Y | cacls "%windir%\winhlp32.exe" /E /P everyone:N