Nothing has the full attention of IT today like the need for security. Cybercrime is becoming simpler and more lucrative, encouraging more criminals to participate, and threats of all kinds are on the rise. Combined with the expanding list of initiatives, such as cloud computing, and the need to support mobile devices, IT’s resources are being stretched thin. To see how they are responding to emerging threats, Symantec commissioned a survey of enterprises worldwide. The survey, entitled the 2011 Threat Management Survey, was announced today and revealed the following key findings.
Finding 1: Enterprises lack confidence in their security posture, mostly due to staffing issues
As cybercriminals continue targeted attacks against enterprises, IT finds itself facing a continuous stream of security threats. The poll revealed that more than half (57 percent) lack confidence in their IT security staff’s ability to respond to new and emerging threats.
What is it that is causing this shaken confidence? There are several factors uncovered by the poll, one of which is insufficient security staff. A related issue identified by the poll is simply a lack of time. Nearly half (45 percent) reported that their staff has insufficient time to quickly and effectively deal with threats. Those who reported adequate manpower, on the other hand, were less likely to report a lack of confidence in their security.
Finding 2: Organizations struggling with timely analysis and response
Among the many security challenges IT faces, which are rising to the top right now? It all boils down to two things they have been struggling with: quickly analyzing and understanding attacks in real time, and then responding to those threats.
The reason behind this, according to businesses surveyed, largely goes back to the staffing issues. Those organizations that are adequately staffed were less likely to report difficulties in analysis and response, by a margin of 9 to 14 percentage points. Simply having enough people means they can take the time to maintain crucial systems while dealing with threats as they come.
The next question, then, is what lies behind the lack of staffing? When asked, 46 percent of respondents attributed the problem to recruiting challenges. While there may be plenty of job applicants, that doesn’t mean that the applicants will have every skill their employers desire. Regardless of the number of staff members, more than a third stated that their security team lacks experience or the proper skill set to be completely effective.
Finding 3: Top concerns are security intelligence and visibility
IT administrators certainly have a lot on their plate. Between responding to moment-to-moment problems and trying to prepare for future needs, their resources are stretched thin.
At the top of the list of IT concerns is the need for threat intelligence, according to two-thirds (68 percent) of respondents. Maintaining current, accurate intelligence forms the basis of an effective response plan.
In addition, 49 percent of the professionals surveyed ranked visibility as one of their top two concerns. Due to the complexity of today’s IT infrastructure, often combining physical and virtual elements, administrators recognize the potential for unmonitored holes in security.
Despite the best efforts of IT, security events do happen. Nearly half (45 percent) of businesses indicated concern about properly correlating and analyzing attacks when they become aware of them.
Finding 4: Staffing problems top the list of issues impacting threat monitoring and response
It’s hard to overstate the effect that inadequate staffing can have on an organization, and the survey highlights just how important it is. First, nearly half of organizations are understaffed, particularly among North American businesses. This insufficient security staff was cited by 46 percent of respondents as one of the top factors keeping them from being able to quickly and efficiently deal with new security threats.
Not only are IT organizations reporting insufficient staff, but many of the people they do have are not effective. In fact, 66 percent of respondents rated their staff as less than effective. Only four percent of those who lack confidence rated their staff as completely effective. Added to this is the problem that even if they can find the right staff, keeping them is also an issue. Retention ranked among the top two reasons, according to 42 percent of respondents.
Based on these findings, it’s apparent that there are several serious security flaws in enterprises around the world. In order to mitigate these potential problems, Symantec has created the following recommendations to assist businesses of all sizes as they struggle with keeping data and resources safe in today’s era of constant security threats.
- Build a comprehensive incident management program. Plan for all aspects of your incident management program, including technology, people and processes. In particular, be sure to consider the staffing requirements to maintain an effective program.
- Be vigilant about the changing threat landscape. With the accelerating rate of change in the external threat environment, many enterprises need to increase their attention on the latest developments to keep pace.
- Broaden the visibility across your infrastructure. Enterprise infrastructure is constantly evolving and new infrastructure trends, such as mobility, virtualization and cloud-based solutions, can open up new avenues for attacks. Maintain ‘edge-to-endpoint’ visibility across your infrastructure to mitigate these new risks to protect information and identities.
- Evaluate systems for managing security information and alerts. The rising volume of security information and alerts is straining some organizations. These organizations should evaluate the technology, processes and staffing that are in place to storing, analyzing and acting on this data.
Symantec Commissioned Applied Research to field the Threat Management Survey in June of 2011. They contacted a total of 1,025 global enterprises with a minimum of 1,000 employees, across a variety of industries. Respondents were tactical IT, strategic IT and C-level professionals. The poll has a reliability of 95% confidence with +/- 3.1% margin of error.