Key Points from this Infographic:
TEKsystems® Network Services’ practice surveyed IT and business leaders to gauge how well their organizations are currently addressing information security. National Cyber Security Awareness Month is sponsored by the Department of Homeland Security, National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center with the goal of empowering public and private sector stakeholders to create a safe, secure and resilient cyber environment. Key findings of the study include:
There’s a Pervasive Human Capital Crisis
- Organizations attempting to tackle critical IT security initiatives suffer from the shortage of IT talent.
- Half of respondents believe the lack of qualified security talent is approaching a state of critical mass where their organizations are vulnerable to serious risk exposure.
- Only 15 percent of respondents are very confident that they have the security-related skill sets to meet evolving threat landscapes.
- Less than 20 percent of respondents are very confident their IT organization has an adequate allocation of information security resources in-house for security policy, identity and access management and information risk management skills. Further, more than half say it is difficult to find and source quality talent with these skill sets.
Security Complexities are Overwhelming
- Information security is so complex that organizations cannot adequately assess their needs.
- More than 60 percent of respondents believe the growing scope and complexity of IT security makes it difficult for their organization to effectively evaluate current security programs and develop comprehensive strategic planning efforts.
Organizations Struggle to Keep Up
- It is essential that organizations continually evolve their security strategies to keep pace with the changing ecosystem, yet IT is too bogged down by tactical activities.
- The majority of the respondents indicate that their information security teams are too busy handling tactical, day-to-day work to spend an adequate amount of time on critical strategic information security initiatives.