Forty-two percent of respondents to the Symantec 2010 State of Enterprise Security Study said that security was their top issue. And yet enterprise security is understaffed, according to the survey of 2100 enterprise CIOs, CISOs and IT managers from 27 countries. IT departments assign 120 employees to security and IT compliance on average, but it isn't enough.
The areas most affected by understaffing are network security and end point security, both of which were areas of concern for 44% of companies. Thirty-nine of companies said that understaffing was affecting messaging security.
While enterprises fail to staff their security efforts properly, they are fanning the flames with problematic projects in the areas of infrastructure-as-a-service, platform-as-a service, server virtualization, end point virtualization, and software-as-a-service, Symantec said.
All of this is happening against a backdrop of IT compliance pressures. Comapnies are exploring 19 separate IT standards or frameworks on average, and are currently employing eight of them.
Three in every four organizations experienced attacks on their computing infrastructure in the past year, according to Symantec. Just over two-thirds said that those attacks were somewhat or highly effective. Twenty-nine percent of companies said that attacks had increased in the last year.
The top three reported losses among businesses were theft of intellectual property, theft of customer credit card information, or other financial information, and theft of customer personally identifiable information. More than nine in every ten companies experiencing these attacks lost money due to productivity, revenue, and loss of customer trust.
"Organizations need to protect their infrastructure by securing their endpoints, messaging and Web environments," said Symantec. "In addition, defending critical internal servers and implementing the ability to back up and recover data should be priorities. Organizations also need the visibility and security intelligence to respond to threats rapidly."