In addition to providing year-over-year comparisons of 2014 and 2015, the third-annual report adds previously unmeasured insight related to cybersecurity pressures including new data and regional viewpoints. In addition to respondents from the United States, Canada and the United Kingdom, the 2016 report features 398 Asia Pacific respondents – from Australia and Singapore – and adds new questions that address the timing of increased pressure, job security, and specific security threats that pose the greatest challenges to security practitioners.
· Under pressure: 63% of information security professionals felt more pressure to secure their organisations in 2015 compared to the previous 12 months, and 65% expect to feel additional pressure this year. Those numbers grew 9% and 8%, respectively, compared to last year.
· Skills gap: Shortage of security expertise has climbed from the eighth-biggest operational pressure facing security pros to the third-biggest, behind advanced security threats and adoption of emerging technologies.
· Board burden: 40% of respondents feel the most pressure in relation to their security program either directly before or after a company board meeting – 1% higher than how they feel after a major data breach hits the headlines.
· Detection trumps prevention: The largest security responsibilities facing 54% respondents are related to detection of vulnerabilities, malware and compromised systems.
· Moved to managed: The number of respondents who either already partner or plan to partner with managed security services providers has climbed from 78% to 86%.
· Not ready for prime time: 77% of respondents (nearly four in five) are pressured to unveil IT projects that aren’t security ready.
· Empty promises: Pressure to select security technologies containing all of the latest features has jumped from 67% to 74% among respondents, but having the proper resources to put them to use has fallen from 71% to 69%.
· Connectivity breeds contempt: Internet of Things (IoT) is the emerging technology respondents feel the second-most pressure to adopt/deploy, behind the cloud. Respondents rate it the second riskiest emerging technology, also behind the cloud.
· Data and DDoS gloom: Customer data theft and intellectual property theft remain the top two worrying outcomes following an attack or data breach, but a disabled corporate website is the biggest riser (from 7% to 13%).
· Demand outpacing supply: Respondents wishing to quadruple their staff from its current size has risen from 24% to 29%.
· Early termination: Job loss remains as the third-highest post-breach repercussion fear, but has grown from 8% to 11%. It sits behind reputation damage and financial damage to one’s company, respectively.
“Security professionals live in a unique and stressful environment, defined by conflict with faceless attackers as well as internal threats,” said Steve Kelley, Chief Marketing Officer at Trustwave. “Businesses rely on information security more than ever before and the pressure to show measurable success is taking a toll on security practitioners. The widening gulf between the expected outcomes and the struggle to maintain adequate solutions and staff is driving businesses, now as many as 86% of them, to partner with a managed security services provider to relax the pressures and help them achieve their cybersecurity goals.”
