Fast-changing security threats overwhelming IT managersReprints
(Reuters) — Security professionals are unable to keep pace with cyber security threats against companies as external and internal threats mushroom from both known and emerging technologies, a survey published on Wednesday showed.
The study of just over 1,000 security professionals in the United States, Britain and Canada paints a picture of mounting pressures on organizations due to a shortage of necessary specialist skills, tight budgets and poor employee education.
Emerging threats have changed dramatically from a year ago, as concern over managing security for social media and big data projects have declined sharply only to be replaced by new risks.
Forty-seven percent of security professionals now say the pressure to move their organizations to cloud-based Internet services from in-house computer systems has become their firm's biggest emerging threat, up from 25% a year ago.
“Few white-collar professionals face as much mounting pressure as the information security trade,” said a report analyzing the survey findings from Trustwave, a supplier of managed security services based in Chicago.
The study found 54% of respondents believed security staffing levels inside their organizations needed to double in size, and another 24% said they needed to quadruple, in order to cope with the range of cyber security issues they face.
Businesses face determined, well-funded attackers as their organizations create growing mountains of data that must be defended not only from outside attacks, but inside ones that are smuggled into work by unaware employees who increasingly use their own mobile phones instead of company-controlled devices.
Despite this, one of the strongest complaints voiced in the survey was the pressure to prematurely release new tech projects or applications, despite security concerns. Seventy-seven percent said they were pressured to launch projects too soon.
Nonetheless, a surprising 70% of respondents said they consider their own organizations safe from cyber attacks and data compromises.
This result suggests a false sense of security in light of a separate recent study from the Ponemon Institute that found 43% of companies had suffered a data breach in the past year. This disconnect was most pronounced in Britain, where 80% of those surveyed said their organizations were safe.
The poll was conducted in December and January by a third-party firm on behalf of Trustwave and drew on responses from more than 600 U.S. security professionals and another 200 each in Canada and Britain.