2012 Global Information Security Survey - Fighting to close the gap
Not enough resources, not the right skills
It's a familiar refrain in today's era of economic volatility and spending restraint: too much work, not enough resources.
When we asked organizations which main barriers and obstacles are challenging the ability of their information security function to deliver, 43% of respondents cite a lack of skilled resources. This figure is no doubt linked to the only factor that scored above it — budget constraints.
And yet, only 22% of respondents indicate that they are planning on spending more on skilled resources in the next 12 months.
Limited security awareness training
Given the acceleration of external threats, coupled with the use of mobile devices and networks, organizations also need to devote resources and money to train employees outside of the information security function about the role they must play in keeping the organization’s information safe.
Organizations need people with the right skills and training to meet rapidly evolving changes.
37% of respondents see the threat that has most increased their organization’s risk exposure as careless or unaware employees. As well, the number of actual incidents caused by inadvertent employee data loss has risen by 25% in the last year.