LogRhythm’s Global Study Reveals Security Teams’ Stress Levels Surge Due to Lack of Proper Tools and Executive Support, Impeding Ability to Tackle Threats
Much can be learned from the many industry reports produced each year. They illuminate the various aspects of security including the challenges we face and the tools we use to combat the myriad threats.
Of particular interest are those reports that peek under the hood of the organizations that shape the security industry to give us some insight about what is happening with people. People are infinitely more interesting and important than tools, and nothing will make or break a security solution provider faster than the people that work there.
This report does precisely that. It looks at the stresses and level of support experienced by the security industry rank and file.
Today, LogRhythm, the company powering today’s security operations centers (SOCs), today announced the release of its report, The State of the Security Team: Are Executives the Problem? The surprising primary findings include 93% of security professionals lack the tools to detect known security threats, and 92% state they are still in need of the appropriate preventative solutions to close current security gaps.
Based on a global survey of more than 300 security professionals and executives, LogRhythm sought to understand the root causes of the stress under which security teams operate, obtain feedback on the ways in which it could be alleviated and the best paths to remediation. It found 75% of security professionals now experience more work stress than just two years ago.
“Now, more than ever, security teams are being expected to do more with less leading to increasing stress levels. With more organizations operating under remote work conditions, the attack surface has broadened, making security at scale a critical concern,” said James Carder, CSO and VP of LogRhythm Labs. “This is a call to action for executives to prioritize alleviating the stress and better support their teams with proper tools, processes, and strategic guidance.”
Security Team Stress Increases Without Executive Leadership
When asked what causes the most work-related stress, the two most selected answers were not having enough time (41%) and working with executives (18%). In fact, 57% of respondents indicated their security program lacks proper executive support — defined as providing strategic vision, buy-in and budget.
Furthermore, security professionals cited inadequate executive accountability for strategic security decisions as the top reason (42%) they want to leave their job. An alarming statistic, given nearly half of companies (47%) are trying to fill three or more security positions.
Deployment of Redundant Security Tools Points to Value of Tool Consolidation
Sixty-eight percent of respondents admitted their organization has deployed redundant security tools, and 56% confess this overlap is accidental — once again emphasizing the need for improved strategic oversight from executives. Despite duplicative tools, 58% of respondents said they still need increased funding for tools when asked what additional support their security programs require.
Consequently, the report highlights the growing value of IT consolidation. Security professionals rate the value of solution consolidation highly, citing top benefits as less maintenance (63%), faster issue detection (54%), identification (53%), and resolution (49%), as well as lower costs (46%) and improved security posture (45%). Yet, only one in three companies (32%) have a real-time security dashboard which provides a clear, consolidated view of all their security solutions.
Top Five Ways to Reduce Stress Among Security Teams
When asked what would help alleviate their stress, the top five responses included:
- 44%: Increased security budget
- 42%: Experienced security team members
- 42%: Better cooperation from other IT teams
- 41%: Supportive executive team
- 39%: Fully staffed security team
“All employees, from the CEO to the frontline IT worker, need to feel that they play a significant role in maintaining the security of the company for which they work,” said James Carder, CSO and VP LogRhythm Labs. “At LogRhythm, we are committed to empowering the SOC team and improving visibility and automation so our customers can successfully safeguard their critical assets.”
For more information on LogRhythm or to download the full report, click here.
Methodology
Security professionals at medium businesses to large enterprises representing all seniority levels were invited to participate in a survey on their company’s security tools, work environment, leadership, and current needs. The survey was administered electronically, and participants were offered a token compensation for their participation. A total of 308 qualified participants completed the survey in April 2020. All participants were security professionals or executives. Participants were from six continents – North America, South America, Europe, Africa, Asia and Australia.
About Dimensional Research
Dimensional Research® provides practical market research for technology companies. We partner with our clients to deliver actionable information that reduces risks, increases customer satisfaction, and grows the business. Our researchers are experts in the applications, devices, and infrastructure used by modern businesses and their customers. For more information, visit www.dimensionalresearch.com.
About LogRhythm
LogRhythm empowers more than 4,000 customers across the globe to measurably mature their security operations program. LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organizations like NASA, Temple University and XcelEnergy to promote visibility for their cybersecurity program and reduce risk to their organization each and every day. To learn more, please visit logrhythm.com.
Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.