IT Departments Lack Cybersecurity Specialists
As large-scale cyberattacks become more prevalent, a new survey shows businesses are increasingly concerned about the ability of their IT staff to prevent such breaches.
Conducted by Symantec, the 2011 Threat Management Survey revealed that 57 percent of the C-level executives and IT professional questioned said they lack confidence in their IT security staff’s ability to respond to new and emerging threats.
Part of the problem, according to the research, is a shortage of qualified IT professionals specializing in security.
The survey found that 46 percent of those who lacked confidence pointed to not having enough security staff as the main reason. Overall, 53 percent of businesses in North America reported they are understaffed in their IT department.
"Although organizations are more concerned than ever about keeping up with the evolving threat environment, many still fall short of achieving high confidence in their security posture," David Dorosin, director of product marketing for the Threat and Risk Management group at Symantec, said in a prepared release. "Our research shows that the human element is often the limiting factor for enterprise-threat-management teams."
In addition to not having enough specialists, a majority of businesses don't have a lot of confidence that the existing staff will be able to get the job done, the survey said.
Specifically, 66 percent rate their staff as less than effective, with only 4 percent reporting full and complete confidence in their IT team.
Recruiting, retention and skill set gaps within existing staff were among the main issues.
Dorosin said the findings suggest that effectiveness is linked to staffing levels as well as staff experience and skills.
The research was based on surveys of more than 1,000 C-level and IT professionals from companies of all sizes throughout North America, Europe, the Middle East, Africa, Asia and Latin America.