IT security staff under immense strain according to (ISC)2 study

The research, commissioned by (ISC)2 , the not-for-profit IT security association, and carried out by Frost & Sullivan (F&S), reveals that the complexity of the technology that IT professionals have to deal with is significant.

So significant, in fact, says the report, that it is now potentially endangering the security of government agencies, corporations and consumers.

Researchers polled more than 10,000 IT professionals worldwide for the study and found that new threats stemming from mobile devices, the cloud, social networking and insecure applications, as well as added responsibilities such as addressing the security concerns of customers, are stretching IT professionals more and more.

The global workforce security report reveals that IT security professionals admitting they needed better training, yet also reporting - in significant numbers - that many of these technologies are already being deployed without security in mind.

Robert Ayoub, global program director for network security with F&S, said that in a modern organisation, end-users are dictating IT priorities by bringing technology to the enterprise rather than the other way around.

"Pressure to secure too much and the resulting skills gap are creating risk for organisations worldwide", he explained.

Ayoub went on to say that the good news from this study is that IT professionals finally have management support and are being relied upon and compensated for the security of the most mission-critical data and systems within an organisation.

"The bad news is that they are [also] being asked to do too much, with little time left to enhance their skills to meet the latest security threats and business demands", he said.

Delving into the report reveals that secure software development is a significant new area of focus for information security professionals worldwide.

Application vulnerabilities, notes the research, ranked as the no. 1 threat to organisations by 72% of respondents, while 20% said they are involved in secure software development.

On top of this, almost 70% of respondents reported having policies and technology in place to meet the security challenges of mobile devices, yet mobile devices were still ranked second on the list of highest concerns by respondents.

The study concludes that mobile security could be the single most dangerous threat to organisations for the foreseeable future.

What’s hot on Infosecurity Magazine?