IT staff are too thinly spread to fight cybercrime: ISACA

Oceanic firms are having to fight off more security breaches than others, with not enough staff and having them spread across slow projects.

Businesses in the Oceanic region are having to fight off more security breaches than the rest of the world, with only insufficient and thinly-stretched staff in place, in many cases.

These findings come from the ISACA 2012 Governance of Enterprise IT survey, which looked at over 3700 businesses, 65 of which were from Australia and New Zealand.

ISACA Security infographic
Top network challenges, globally.(Credit: ISACA)

It found that Oceanic organisations were more likely to have had a security breach than those in the rest of the world. About 29 per cent of responding Australian and New Zealand organisations reported having had a security breach in the past 12 months, compared to the global figure of 22 per cent. Privacy breaches were slightly less than the 12 per cent global average, at 10 per cent.

This may be due to Oceanic organisations being overly concerned about privacy issues, ranking data leakage as the top concern in network security for the next 12 months. About 19 per cent rated it as a top concern, followed by 17 per cent who were worried about inadvertent employee mistakes and 15 per cent about incidents relating to employees' personal devices. Cloud computing and cyber attacks ranked lowest, in terms of the most likely challenge to a network's security, at 12 and 11 per cent, respectively.

"Data collection is increasing at such a rapid rate that it's not surprising that there is a level of concern among industry professionals around how to keep all company information secure,” said ISACA director Jo Stewart-Rattray.

"All organisations need to ensure that there are adequate security frameworks and guidelines in place to keep proprietary and sensitive company data secure."

But this might be difficult, given that a majority of companies are also facing an IT shortage. About 54 per cent of Oceanic organisations ran into problems in finding necessary staff. Additionally, Oceanic businesses had staff stretched out across projects for longer than necessary, with 57 per cent stating they ran into the problem of project overrun. This was higher than the global average of 48 per cent.

ISACA vice president Tony Hayes warned that staffing issues could spell disaster for an already thinly spread company, in the event of a security or other IT incidents.

"When a major issue breaks, it can be extremely damaging to a company, and the business consequences can range from being troubling to catastrophic. I urge all organisations to review their IT departments on a regular basis, to ensure they are well equipped in terms of staffing levels and training."