IT Security Staffing Challenges Hinder Threat Response: Symantec

Security specialist Symantec announced the findings of its 2011 Threat Management Survey, which examined the concerns and challenges IT security organizations face as they confront the evolving threat landscape. The poll revealed that most enterprises are not confident in their security posture and that staffing is a major issue limiting IT security’s effectiveness.

The survey also found that 46 percent of those who lacked confidence indicated insufficient security staff was a top factor. A similar number (45 percent) cited a lack of time to respond to new threats for their existing staff. Overall, 43 percent of organizations worldwide reported they are somewhat or extremely understaffed. In North America, respondents were much more likely to report understaffing, with 53 percent reporting staffing challenges.

“Although organizations are more concerned than ever about keeping up with the evolving threat environment, many still fall short of achieving high confidence in their security posture,” said David Dorosin, director of product marketing for the threat and risk management group at Symantec. “Effective threat management requires advanced technology for enterprise visibility and the correlation and analysis of security data, but our research shows that the human element is often the limiting factor for enterprise threat management teams.”

Those who lack confidence in their ability to respond to threats also reported issues with staff effectiveness. Sixty-six percent rate their staff as less than effective and only 4 percent rate their staff as completely effective. The top three issues impacting staff effectiveness were recruiting (46 percent), retention (42 percent) and skill set gaps with existing staff (35 percent). The findings suggest that effectiveness is linked to both staffing levels as well as staff experience and skill set.

Beyond these staffing issues, the other top concerns noted by respondents were keeping up with changes in the threat landscape, maintaining adequate visibility of their own infrastructure and managing security log and alert data in a timely and effective manner. Sixty-eight percent identified threat intelligence as one of their top two concerns.

Concerns about the potential for new avenues of attack in an evolving infrastructure are reflected in the 49 percent who ranked security visibility as a top concern. Finally, a significant number (45 percent) reported they are concerned about their ability to properly correlate and analyze the security information and alerts that are being generated by their security solutions.

Symantec’s recent 2011 State of Security Survey found cyberattacks were the top concern of the organizations surveyed and the importance of these threats has increased for many respondents. Probing deeper into an enterprise’s ability to manage these threats, 57 percent of respondents to the 2011 Threat Management Survey said they lack confidence in their IT security staffs’ ability to respond to new and emerging threats.