All professionals in every industry are under pressure to perform well in their job, but as more companies reveal disastrous breaches and security breakdowns, IT security professionals are finding themselves in the spotlight and little room for failure. Information security has become a profession that, due to the widely publicized state of security, has suddenly become a very public topic.
Companies are paying attention to major security breaches in the news and do not want to see their own businesses falling victim to these same attacks. That being said, it should not surprise us that according to the Black Hat Hacker Survey Report 61% of security professionals claim they are getting more pressure than ever from C-level executives, board members and business owners.
A long list of woes
When it comes to the list of issues and pressures that security professionals are faced with daily, it almost seems endless.
First, a major issue is that while company decision makers want better security, they don’t quite understand how much time, resources and thought must go into creating a safe network. There is often a lot of pushing going on to adopt new security technologies, even if the security controls are not yet in place. Seventy-seven percent of security professionals in the Black Hat Report stated that they had felt pressure to roll out new products despite the fact that security concerns still remained. The report notes that software and applications that are released without resolving these issues are prime targets for hackers.
A second major pressure security professionals are faced with is the issue of being understaffed in their department. The report found that there isn’t enough security staff in place at most companies to do the heavy lifting that upper management now wants. In fact, most IT security pros would like to see more hiring and budget focused on increasing security.
Security firm Trustwave surveyed 1,414 security decision-makers or security influencers to find out the top reasons they felt pressure in their job. A few common issues included:
- Sixty-three percent of respondents felt more pressure than the previous year to secure their organization.
- Forty percent of respondents felt pressure regarding security directly before or after a board meeting.
- Seventy-seven percent of respondents felt pressure to unveil products that are not yet secure.
- Pressure to select the latest security technologies jumped 10% from 64% to 74% of respondents in the course of one year.
- Resources to implement security updates and changes fell to 69% from 71% the previous year.
- After the cloud, the majority of respondents felt the pressures to adopt or deploy the IoT were a major risk and pressure.
“Security professionals live in a unique and stressful environment, defined by conflict with faceless attackers as well as internal threats,” said Steve Kelley, Chief Marketing Officer at Trustwave. “Businesses rely on information security more than ever before and the pressure to show measurable success is taking a toll on security practitioners.”
What are your thoughts? Do the survey findings ring true in your organization? What are some of the solutions to help mitigate the pressures put on security professionals?