Report reveals top pressures security professionals face when fighting cybercrime

The new report reveals businesses were under increased pressure to secure their organisations in 2014 and expect that pressure to increase in 2015. Respondents also reported pressure to roll out IT projects such as cloud and mobile applications despite having unresolved security issues; the pressures of being understaffed while security threats mount; increasing pressure from C-level executives to protect information while being resource-constrained; and more.

Key findings from the 2015 Security Pressures Report include:

• Pressure is on: 54% of IT and security pros felt more pressure to secure their organisations in 2014. 57% of respondents expect to experience more pressure to secure their organisation in 2015.
• Differing perspectives: 64% of enterprise respondents foresee increasing pressure in 2015, compared to 48% of small- and medium-sized businesses (SMBs).
• Corner-office commands: 61% of respondents said they felt the most pressure from owners, board and C-level executives – up from 50% last year.
• Jumping the gun: 77% of respondents said they had been pressured to unveil IT projects that were not security ready.
• False sense of security: 70% respondents believed they were safe from cyber-attacks and data compromises.
• Send in the reserves: 84% wanted the size of their IT security team increased; 54% wanted the size doubled and 30% wanted it quadrupled (or more than quadrupled).
• Breaking in: 62% of respondents were most pressured by external threats versus internal threats.
• Cloudy forecast: Among emerging technologies, 47% of IT and security pros were most pressured to use or deploy the cloud in 2014, up from 25% in 2013.
• Reaching out for help: 78% of respondents are likely or plan to partner with a Managed Security Services Provider (MSSP) in the future.

“All signs point to turbulent times for IT and security professionals, and our findings back this up,” said John Amaral, Senior VP of Product Management at Trustwave. “Overall, pressures for IT and security professionals increased from 2013 to 2014 and even more distress is expected in 2015. The report also finds that the decisions security pros make are not necessarily the ones they want to make, and many report they do not have enough resources and in-house skills to deploy a defense-in-depth security program without confronting a mountain of pressure while doing it.”

“The pressures IT professionals face are growing: cybercriminals are increasingly crafty, new attack vectors are emerging, budgets are tight, skills are at a premium, security policies are either incomplete or disregarded, and many security solutions are proving too complex to manage or too basic to be useful against a professional adversary,” said Christina Richmond, Program Director, Security Services at IDC. “These pressures are driving businesses to increasingly look to partner with managed security services providers who can help control complexities related to security technologies as well as mitigate and respond to advanced security threats.”