The pressures faced by professionals fighting cyber crime

IT security professionals faced increased pressure to secure their organizations in 2014 and expect that pressure to further increase this year.

A new report from managed security services company Trustwave reveals a number of issues including pressure to roll out IT projects such as cloud and mobile applications despite having unresolved security issues; the pressures of being understaffed while security threats mount; and increasing pressure from executives to protect information while being resource-constrained.

According to the survey of 1,016 IT security professionals, some of the pressure comes from above, 61 percent of respondents said they felt the most pressure from owners, board and C-level executives -- up from 50 percent last year. The need to roll things out quickly is a problem too with 77 percent of respondents saying they had been pressured to unveil IT projects that were not security ready.

Most feel that they're under-resourced too, 84 percent want the size of their IT security team increased with 54 percent wanting the size doubled and 30 percent wanting it quadrupled or more.

Among emerging technologies, 47 percent of IT and security pros were most pressured to use or deploy the cloud in 2014, up from 25 percent in 2013. Oliver Pinson-Roxburgh EMEA Manager of Systems Engineers at Trustwave says, "When it comes to implementing cloud and big data solutions security is often an afterthought".

The report concludes with a number of recommendations including accepting that everyone is at risk (70 percent of respondents to the survey believed they were safe from cyber attacks). It also recommends acknowledging that insider threats can be just as destructive as external ones.

In addition it suggests that traditional, perimeter-focused security technologies simply are no longer good enough to handle today's zero-day exploits and advanced persistent and blended threats, as well as risks posed by insiders. As a result, companies must turn to more advanced threat management solutions. Pinson-Roxburgh suggests that managing the human element has a part to play too, "Companies must make it difficult for people to make the wrong choices".

Another key recommendation is that a security first attitude is required to minimize the risk of vulnerabilities creeping in when solutions are rolled out too quickly. Its final point is that security professionals shouldn't be afraid of looking outside their own organizations to outside partners like managed security providers for help.

The full report with more detailed findings is available to download from the Trustwave website.

Image Credit: Manczurov / Shutterstock