The bulk of security teams face a relentless uphill battle when it
comes to dealing with security risks and are sorely lacking when it
comes to tracking, measuring and maintaining data access, according to
new research.
The majority of those interviewed in a survey
published today, “The Buried Truth: State of Security Information and
Even Management Processes,” carried out by security firm Sensage,
found that security professionals are having a rough go of it these
days. It’s the third time the California-based firm has polled the
industry but the first in which the survey’s results have marked such a
downward slide for its respondents.
This downward trend was clear
after Sensage analyzed what it’s referring to as security’s “bad mood.”
After taking respondents’ optimism and other factors into account, the
firm notes the mood is likely reflective of increasingly complex threats
and a decrease in confidence. The mood continues to trend downward when
looking at the last three years of responses.
“By 2012, proactive
teams were starting to do the heavy-lifting needed to absorb and
analyze data across more systems, processes and people than they
considered doing in the past,” one part of the survey reads.
That “heavy lifting” refers to the need for better coordination, compliance reporting, incident response and data access.
Fully
79 percent of the survey’s respondents claimed they need better, faster
data access and analysis - a big jump from last year, when only 57
percent of security teams claimed they wanted more trustworthy data.
When
it comes to tracking improvement, security teams continue to be at a
loss. A mere five percent of those who answered the survey felt like
they had a “consistent and adequately staffed process improvement
program.” Those numbers weren’t great to start with; the statistics are
down from a measly 18 percent in 2010. Conversely, only 40 percent of
respondents asserted that their security teams maintained consistent
process improvement, down from 65 percent last year.
Overall, 96
percent of those who answered claimed their teams either had no process
improvement, inconsistent process or understaffed process.
Some of
these security teams aren’t entirely equipped to handle problems that
come their way. Seventy-eight percent of security practitioners who
responded claimed they were under less than ideal circumstances when it
comes to dealing with security risks.
Less than a quarter, 22 percent, said they were “very effective” when tackling security risks.
Courtesy by Christopher Brook
No comments:
Post a Comment