Industry skills shortages are set to have a major impact on IT professionals this Christmas, with nearly one third (29%) claiming they’ll be too busy to take time off, according to AlienVault.
The unified security management vendor polled over 400 US and UK IT pros online and at the Spiceworld conference in November to better understand their workplace stresses.
It found that half of those that can afford to take time off this festive period will spend it worrying about work.
More than half (53%) said they thought their colleagues are overworked and overstretched, and over a third (41%) claimed to have had unfilled vacancies in their teams for a month or more in 2016.
AlienVault security advocate, Javvad Malik, argued that shortages are not always down to a lack of available talent in the jobs market.
“On the other side of the coin is the willingness of companies to invest into more staff,” he told Infosecurity.
“Particularly in small, but growing companies where we often see a company’s infrastructure may grow rapidly, yet the IT team doesn’t scale at the same rate.”
Another factor leading to workplace stress appears to be data breaches. Almost a quarter (21%) of respondents said that when a security breach happens, it’s IT teams that are blamed.
This might explain why 14% said that would cover up a breach rather than report it, as long as it didn’t involve regulated data.
IT teams are also increasingly prepared to turn a blind eye to users bypassing security controls if it makes their job easier in the short term.
Nearly half (46%) of those that said they’d allow friends and bosses to bypass security controls or IT processes at work, claimed they’d do so whether those involved were higher up in the organization or not.
Malik explained that there could be several reasons why some IT staff turn a blind eye to employees bypassing these controls.
“It could very well be because controls may be too rigorous in the first place. Sometimes this is as a result of controls being implemented by those unfamiliar with the day to day operations, or even because of compliance regulations. In smaller companies, it is sometimes because of agreements they may have in place with larger companies who dictate stringent security controls as a condition of business,” he told Infosecurity.
“The other aspect could be down to security teams turning a blind eye because they already have a high workload and other tasks may take priority. Like a policeman that will let someone off with a warning for being slightly over the speed limit because they would rather spend the time chasing down higher risks.”