All the latest UK technology news, reviews and analysis
|
|
|
07 Dec 2010
A lack of qualified security staff is preventing IT managers from securing the enterprise, according to data from Forrester Research.
A survey of over 2,000 IT executives in the US, UK, Canada, France and Germany found that one of the key problems behind corporate IT security is getting qualified staff to do the job.
Almost a third of managers in the US and nearly a quarter in Europe suffer from staff shortages in this area.
"Security leaders feel that they simply don't have enough staff to carry out day-to-day tactical activities while adjusting to major business and IT shifts and changing threats," said Forrester principal analyst Khalid Kark.
Lack of budget is also a major issue, and the survey found that 29 per cent of US and 23 per cent of European companies reported a shortfall in funds for IT security.
Nearly a third of US managers also reported that too much time is spent on day-to-day activities, compared to less than one in five European bosses.
Kark suggested in Forrester's Twelve recommendations for your 2011 security strategy that companies will face an inflection point next year when the number of non-PC computing devices in the enterprise exceeds the number of traditional PCs for the first time.
The analyst recommends encouraging more mobile devices up to a point, since they are often equipped with better security than older computers, and standardising policies around device capabilities not brands.
The report also predicts a rise in cloud services, and said that sensitive corporate information can be further controlled by thin client systems.
Latest stories from Skills
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
BUSINESS SYSTEMS DIRECTOR (You will ideally have worked...
Application Production Engineer - Application Engineer...
C#/ C++ * Software Engineer* 3D Graphics skills - Global...
Senior Low Latency Consultant, Low Latency Project Management...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Lack of Staff Holding Back Security
I took time out for family reasons and because Agency People then took me off the radar I have struggled to get for nearly 4 years even though I am an ex P/Q ACCA, ex Oracle UK Consultant, Team Leader with wide experience in the UK and Europe. The people are out there but frozen out by Agencies and I have worked with Oracle Applications and Databases for 20 years.
Posted by: Dave Page 09 Dec 2010
Off-Shore I.T. Security to China like everything else....
Fat corporations don't even bother with the talent in their own areas because they want a liveable wage (God forbid) so why don't you Fat Cats off-shore your I.T. Security as well. You have given thier sweat-shops every other jobs so why not trust your most valuable data with them?
Posted by: Data Forsale 09 Dec 2010
Streamlining the operations should be the focus
It is not necessarily that more staff are needed, as many IT operations, management and security measures can be outsourced in order to help the IT staff focus on thier core challenges. Services such as MSCmanage, MSCmail and MSCvault would for example automatically update computers and software, remove spam messages and potential viruses before they reach their intended destination, or backup data to a secure online centre, all of which would save time for the IT manager.
Posted by: Juliette_msc 07 Dec 2010
Expectations too high
Most of these companies are asking for someone with 10 years experience in a field that is not that old, and also want everyone to be a CISSP, and possibly have a Security Clearance. If they were willing to take someone with perhaps a degree in the security realm or with a basic security certification, they might have more luck.
Posted by: Mary 07 Dec 2010
Only because they look for a security acronym & certifications
Go ahead and keep hiring the applicants with the security certification acronyms behind their name. I don't know of any serious enterprise system administrators who would bow down to take any security certification. What you are hiring are rank amateur "black-hat wanna bes" but when it comes down to anything other than writing about it they fail and so does your enterprise's security.
Posted by: FDunn 07 Dec 2010