Lack of security expertise has direct impact on damage caused by breaches, says Kaspersky

Enterprises that don’t want to pony up the cash to pay for a suitably-sized security staff may find they’re dishing out even more cash when a breach happens. Research released by security vendor Kaspersky Lab found a correlation between lack of full-time security experts on staff and increased costs of recovering from security breaches.

The “2016 Corporate IT Security Risks” report is the result of a survey of more than 4,000 people from a variety of industries and company sizes. During the survey, Kaspersky found a general shortage of full-time security staff.

Typically, only 15 per cent of employees in any given IT department are dedicated to security. According to Kaspersky, it’s a figure that needs to be reconsidered. There are approximately 315,000 malware threats detected every day, and sufficient staffing is required to proactively address such challenges.

When recovering from an incident, large businesses tend to find their outsourcing costs fall between US$1.2 million and US$1.45 million. Large businesses with an adequate security staff, though, see those figures drop drastically to between US$100,000 and US$500,000. The reason, according to Kaspersky, is because the extra costs go toward hiring external experts for help.

There’s no easy solution, though. Forty-eight per cent of the respondents indicated a security talent shortage and 46 per cent noted a growing demand for skilled specialists. Additionally, 68.5 per cent of businesses expect to add to their full-time security staff. Of those, 18.9 per cent indicated they expect to increase their security staff numbers significantly. Trying to find appropriately-skilled security experts may be difficult, though.

Another strategy for proactively dealing with potential security issues is to share intelligence with customers, Kaspersky noted in its announcement. That’s where the vendor and its partners come in.

“In this evolving industry the relationship with our customers already goes beyond the shipment of a technology or a product — to providing the skills and training necessary to identify on-going attacks,” said Veniamin Levtsov, vice president, enterprise business at Kaspersky Lab, in a statement.

With that in mind, the full report is available on Kasperky’s website.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Chris Talbot
Chris Talbot
Chris is a freelance technology writer that resides in the Northwest Territories. A former editor at ITWC, he now spends his time as a scribe for various tech publications while having an appreciation for the finer things in life - namely beer and cigars.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.