Less than half of firms have a security team within their wider IT dep’t


Cybersecurity is managed by a dedicated department at half (52%) of enterprises, while only 20% of companies have an in-house Security Operation Center (SOC) responsible for continuously monitoring and responding to security incidents, according to the Kaspersky Global Corporate IT Security Risks Survey.

Even then, improving internal specialists’ expertise was listed as the second most important reason to increase the IT security budget over the coming years, Kaspersky found.

The survey covered 5,266 IT business decision-makers across 31 countries in June 2020.

Businesses, and large enterprises in particular, require skilled professionals to protect against ever-evolving cyberattacks. Combining IT and security functions within a single department can be convenient and speed up many processes to this end.

However, this approach also contradicts the segregation of duties principle, as the same people would be responsible for both day-to-day IT initiatives and the evaluation of the corresponding security risks.

Respondents were asked if their companies employ highly specialized units within a cybersecurity department. In addition to a SOC, 16% said that they have dedicated threat intelligence teams and 14% employ a dedicated malware analysis team.

Although the share of such dedicated units seems quite small, the majority of organizations are ready to mitigate this by assigning budget to upskill their IT security staff. More broadly, 71% of all businesses expect that their investments in IT will grow in the next three years.

Among them, 41% of enterprises are driven by a desire to improve internal specialists’ expertise, making it the second most common reason to increase the IT security budget.

“The survey results show that enterprise cybersecurity departments may come in many forms. It means that their needs and requirements also vary,” said Sergey Martsynkyan, head of B2B Product Marketing at Kaspersky.

“With our framework approach we not only help customers to protect against cyberattacks based on their current capabilities, and irrespective of business size, but we outline how they can strengthen their internal security expertise further looking forward,” said Martsynkyan.