Asia's Source for Enterprise Network Knowledge

Saturday, April 19th, 2014

IT and business management and issues

Most organizations not confident about security, says Symantec

A poll by Symantec has revealed that most enterprises are not confident in their security posture and that staffing is a major issue limiting IT security's effectiveness.
Research was conducted in June 2011 by Applied Research, which surveyed C-level and IT professionals at small, medium, and large enterprises (1,000-2,400, 2,500-4,999, and 5,000+ employees). The report was designed to examine security concerns and challenges IT organizations are facing. The survey included 1,025 respondents from countries in North America, EMEA (Europe, Middle East and Africa), Asia Pacific, and Latin America.

The survey found cyber attacks were the top concern of the organisations surveyed and the importance of these threats has increased for many respondents.  Over 57% of respondents said they lack confidence in their IT security staffs' ability to respond to new and emerging threats.

45% of respodent also cited a lack of time to respond to new threats for their existing staff.  Overall, 43% of organisations worldwide reported they are somewhat or extremely understaffed.

Those who lack confidence in their ability to respond to threats also reported issues with staff effectiveness.  The top three issues impacting staff effectiveness were recruiting (46%), retention (42%) and skill set gaps with existing staff (35%).  The findings suggest that effectiveness is linked to both staffing levels as well as staff experience and skill set.

Beyond these staffing issues, the other top concerns noted by respondents were keeping up with changes in the threat landscape, maintaining adequate visibility of their own infrastructure and managing security log and alert data in a timely and effective manner.

68% identified threat intelligence as one of their top two concerns.  Concerns about the potential for new avenues of attack in an evolving infrastructure are reflected in the 49% who ranked security visibility as a top concern.  Finally, a significant number (45%) reported they are concerned about their ability to properly correlate and analyze the security information and alerts that are being generated by their security solutions.