Most Employees Say IT Security Functions are Understaffed

RSA 2017: The "Culture" of Cybersecurity Collaboration

April 23, 2019

A Ponemon Institute study has found that 73 percent of respondents believe their organization’s IT security functions are typically understaffed due to the difficulty in attracting and retaining qualified candidates. According to the report, Staffing the IT Security Function in the Age of Automation: A Study of Organizations in the United States, United Kingdom and APAC, only 29 percent of respondents say they have no difficulty attracting qualified candidates and only 30 percent of respondents say they have no difficulty retaining them. Most respondents think automation will mean increased job security for IT security practitioners, especially those who have the expertise to manage these technologies.

Key findings from the study include:

65 percent say human involvement in security is important in the age of automation.
56 percent say a barrier to adopting automation is the lack of in-house expertise.
49 percent say automation improves the ability to prioritize threats and vulnerabilities.
47 percent say automation increases the productivity of current security personnel.
25 percent say automation will either have no effect on hiring. 40 percent sat it will increase hiring.
61 percent do not think they will lose their jobs because of automation.
68 percent say automation will enable IT security staff to focus on more serious vulnerabilities and overall network security.
65 percent say automation is not capable of performing certain tasks that IT security staff can do.
51 percent say automation will never replace human intuition and hands-on experience.
63 percent say their organization does not have enough staff to monitor threats on a 24/7 basis.

Other results include:

In the APAC, 63 percent say they trust Artificial Intelligence (AI) as a security tool. 37 percent say they do not trust AI as a security tool.
In the UK, 69 percent say they do trust AI as a security tool and 31 percent say they do not trust AI as a security tool.
In the U.S., 76 percent say they trust AI as a security tool and 24 percent say they do not trust AI as a security tool.

When asked about the top seven solutions integrated with organizations’ security management tools are, survey respondents said:

Security monitoring
End user experience monitoring
Directory services
Event management
Help desk
Virtual systems management
Orchestration

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

Most Employees Say IT Security Functions are Understaffed

Related Articles

Related Products

Report Abusive Comment