Cape Town – Security professionals at organisations are feeling the pressure to increase security as cyber hackers target companies, a global survey has found.
A Trustwave survey of 1 400 IT professionals found that 63% faced more pressure in 2015 to secure their organisations than 2014, and 65% expect to feel more pressure in 2016.
“The spike is most pronounced in the United States, where an eye-popping 70% of security professionals felt the pressures dialled up last year compared to the prior 365 days,” said the 2016 Security Pressures report.
Beyond the emergence of new security threats and technologies, the lack of skilled professionals jumped from eighth to third place as the most pressing need in corporations.
At least 40% of professionals felt the highest pressure before or after a board meeting, 1% higher than what they feel after a major data breach has been discovered.
Internal, external threats
“Security professionals rate customer data theft (43%) as their No 1 worrying result, followed by intellectual property theft (22%). Website disruption made the largest jump year over year, increasing from 7% last year to 13% in this year’s report,” said Trustwave.
Hackers in 2015 gained access to the records of 78.8 million customers of US healthcare provider Anthem Insurance, and 15 million T-Mobile customer records were exposed in a breach. At least 37 million subscriber records were stolen in the highly publicised Ashley Madison website leak.
“Overwhelmed security practitioners are struggling in the face of exponentially growing threat complexity, with over 400 000 new malicious programs identified every day. Plus, people who offer the magic combination of skills (including environment knowledge, depth of technical expertise, and knowledge of business priorities) are hard to find, hire and retain,” said Trevor Coetzee, regional director of Intel Security South Africa and Sub Saharan Africa.
The Trustwave survey also found that 58% of respondents were concerned about external threats, versus 42% worried about internal threats.
“Insider attacks are more likely to go unreported, yet they can actually have the greater impact because they are being perpetrated - either purposefully or unwittingly - by users who are trusted on the network,” the company said.
The report found that there was a great fear of reputational damage (43%) than financial losses (37%) as a result of a breach among IT professionals
“One interesting note is that the potential for job loss rose from 8% last year to 11% this year, evidence that more security professionals fear termination if a major incident occurs under their watch,” said the report.
- Follow Duncan on Twitter