- Security Pros Reveal How They Cope With Rising Tide of Cyber-Attacks
- Vulnerabilities Outnumber Staff
- Security Pros Are Overwhelmed
- Security Pros Face Too Many Threat Alerts
- They Work With Manual Patching Processes
- Stress Levels Differs Based on Organization Size
- Threat Alerts are Improperly Prioritized
- Security Budgets Are Rising
Security Pros Reveal How They Cope With Rising Tide of Cyber-Attacks
With new software vulnerability exploits in the news on a regular basis, the daily challenges of cyber-security professionals are as high as ever before. A report released on May 17, from security risk vendor Bay Dynamics, based on a survey of 400 cyber-security professionals conducted by Enterprise Management Associates reveals some of the challenges these professionals face on a daily basis. Among the big challenges is the simple fact that while the total number of security threats continues to rise, there is not a corresponding rise in staffing levels. Another key challenge is figuring out how to prioritize threat alerts, with 52 percent of respondents reporting that automated system improperly prioritize threats. In this slideshow eWEEK looks at some of the highlights of the Bay Dynamics/Enterprise Management Associates Day in the Life of a Cyber Security Pro report.
Vulnerabilities Outnumber Staff
There are more vulnerabilities in organization of all sizes than IT security staff. On average, there are now ten new vulnerabilities per system per month.
Security Pros Are Overwhelmed
Security teams spend a lot of time on maintenance work, so much so that 74 percent of respondents reported that they were overwhelmed by the volume.
Security Pros Face Too Many Threat Alerts
Aside from maintenance work, the Bay Dynamics report revealed that cyber-security professionals are also overwhelmed by the volume threat alerts they need to manage.
They Work With Manual Patching Processes
One of the primary security processes that security professionals perform is patching. Rather than being a fully automated process the 79 percent of respondents indicated that their firm’s patching approval process was manual, including spreadsheets and emails.
Stress Levels Differs Based on Organization Size
Depending on the size of the organization, there were different primary drivers of cyber-security professional stress. For the mid-market and very-large enterprises, having too many vulnerabilities was a leading cause of stress.
Threat Alerts are Improperly Prioritized
Among the key challenges revealed in the report is that 52 percent of threat alerts are improperly prioritized by systems and must be manually reprioritized.
Security Budgets Are Rising
Despite all the other areas where cyber-security professional are feeling stressed, 74 percent of respondents reported that their security budgets are rising.