Complexity of security defenses sapping valuable staff time

Register now

A majority of mid-sized companies - those with 500 to 2,500 employees - are struggling to procure, implement, and manage a variety of security products, according to a new study by 451 Research.

The report, sponsored by security-as-a-service provider OPAQ Networks, showed that 82 percent of the 301 IT security professionals at U.S.-based businesses surveyed during the first quarter of 2017 said they spend 20 to 60 hours of in-house staff resources a week on those efforts.

Despite the well-documented challenges associated with finding and retaining security professionals, the study showed that nearly three-quarters of the respondents dedicate between three and five full-time employees to manage their security.

The financial impact on these companies is an average of $178,000 annually just for network security, which represents 39 percent of an organization’s total IT security budget. And according to the study, the financial burden will continue to increase.

Network security spending will grow nearly twice as fast as overall IT security spending over the next five years, projecting a compound annual growth rate (CAGR) of 8.9 percent from $2.4 billion in 2016 to $3.5 billion in 2021. Forty percent of survey respondents expect their spending on network security to increase between 10 percent to 20 percent in the next 12 months.

“The security challenge for mid-tier businesses is multi-dimensional,” said Daniel Cummins, analyst at 451 Research. “For these businesses, everything seems to be increasing—attack frequency, compliance requirements, complexity, costs, and the number of security products that need to be managed. Cloud-based security-as-a-service offers potentially significant advantages in terms of simplicity and access to security that may prove to be less complex and expensive than traditional approaches.”

For reprint and licensing requests for this article, click here.