Cybersecurity heads feel isolated, under-supported and under pressure from growing threats, according to a survey by Trend Micro.
The survey of IT professionals with responsibility for cybersecurity found that many feel they lack support from company leaders, and 33% feel completely isolated in their role. IT professionals are also struggling with internal communications to raise awareness at board level, and one third report declining job satisfaction.
Globally, IT teams are under significant pressure, with some of the challenges cited including prioritizing emerging threats (47%) and keeping track of a fractured security environment (43 percent). The survey showed that they are feeling the weight of this responsibility, with many (34%) stating that the burden they are under has led their job satisfaction to decrease over the past 12 months.
Three-quarters of respondents said that cybersecurity is represented at the board level, but many said that they are still not benefitting from having a seat at the table, and the issue appears to be ineffective communication. Trend Micro's survey showed that 44% struggle to translate complex threats to their organisation's leadership, and 57% say internal communication is the biggest cybersecurity challenge for their business.
Respondents revealed that it often takes a prominent cyberattack to get their voice heard, with 64% saying communication becomes easier in the wake of a high-profile cyberattack like WannaCry. This raises the question of how IT teams can break down these communication barriers before an incident occurs.
"Company leaders must recognize that any individual responsible for cybersecurity will be feeling the strain," said Bharat Mistry, Principal Security Strategist, Trend Micro. "As cyber-attacks increase in volume and sophistication, accountability needs to be shared. No business can afford for the IT function to be an island, because it will inevitably buckle. This means shifting the mindset from cybersecurity being a standalone initiative to a shared responsibility across an organisation.
"Taking a place in the boardroom is only step one. IT professionals need to find ways to communicate the value of having security expertise embedded across the breadth of the organisation. They could also strive to learn more from other business leaders about how they can better communicate risk, so they can make sure cybersecurity is front of mind in every department."
"With a scattered approach to security, IT managers are constantly having to go over hurdles to keep their organizations safe, even with security now placed as the second highest risk in terms of doing business, here in the region," commented Dr. Moataz Bin Ali, VP for Trend Micro Middle East and North Africa. "The reactive approach to security, and the lack of organizational support for the IT teams, means that a robust security solution then becomes mandatory. We recognize the challenges security teams faces, especially in the face of rapid digital transformation, and organizations require a connected threat defense that offers a 360 view of the network, to help stretched security teams transform the passive approach to security to an active approach," added Ali.