IT Security Staffing Challenges Hinder Threat Response: Symantec
The survey found that 46 percent of those who lacked confidence indicated insufficient security staff was a top factor.Security specialist Symantec announced the findings of its 2011 Threat Management Survey, which examined the concerns and challenges IT security organizations face as they confront the evolving threat landscape. The poll revealed that most enterprises are not confident in their security posture and that staffing is a major issue limiting IT security's effectiveness. The survey also found that 46 percent of those who lacked confidence indicated insufficient security staff was a top factor. A similar number (45 percent) cited a lack of time to respond to new threats for their existing staff. Overall, 43 percent of organizations worldwide reported they are somewhat or extremely understaffed. In North America, respondents were much more likely to report understaffing, with 53 percent reporting staffing challenges.
"Although organizations are more concerned than ever about keeping up with the evolving threat environment, many still fall short of achieving high confidence in their security posture," said David Dorosin, director of product marketing for the threat and risk management group at Symantec. "Effective threat management requires advanced technology for enterprise visibility and the correlation and analysis of security data, but our research shows that the human element is often the limiting factor for enterprise threat management teams."
Concerns about the potential for new avenues of attack in an evolving infrastructure are reflected in the 49 percent who ranked security visibility as a top concern. Finally, a significant number (45 percent) reported they are concerned about their ability to properly correlate and analyze the security information and alerts that are being generated by their security solutions. Symantec's recent 2011 State of Security Survey found cyberattacks were the top concern of the organizations surveyed and the importance of these threats has increased for many respondents. Probing deeper into an enterprise's ability to manage these threats, 57 percent of respondents to the 2011 Threat Management Survey said they lack confidence in their IT security staffs' ability to respond to new and emerging threats.