IT pros are under pressure from all sides

 

No one gets into an IT career because they like having relaxing, low-pressure work environments. A study by Trustwave shows various forces are combining to put IT pros in the hot seat – and chief among all is security. 

According to the annual Security Pressures Report, IT pros continued to feel stress this year, and it’s becoming the new normal.

Fifty-five percent of IT pros in the United States reported that they were more stressed this year than last. Another 30% reported being just as  stressed, and only 15% felt more comfortable than a year ago.

And projecting forward for the coming year, 57% expect next year to be more stressful, 28% think it’ll be just as pressured and only 15% are expecting less pressure.

Top-down pressure

Not surprisingly, with IT reporting to the highest levels of the organization, the C-suite is a particularly tough group to please. According to the survey, IT felt pressure from:

  • board of directors, C-level executives and owners (62%)
  • direct managers (18%)
  • self (11%), and
  • colleagues or peers (6%).

Only 3% said they don’t feel pressure at all. (No word on who these fortunate few worked for, or for that matter, if they’re hiring.)

And not all the pressure that was applied to IT pros was constructive. In some cases, it was downright dangerous.

Almost 8-in-10 (77%) of respondents said they’d been pressured to roll out IT projects despite known security issues. And while the cloud and BYOD were the projects that IT was under the most pressure to deliver, they were also the top two projects cited for posing the greatest risk to the organization.

That obviously puts IT in the very uncomfortable but all-too-familiar spot: being a facilitator of new technologies while also having to balance the security needs of the organization.

Inside and outside pressure

That wasn’t the only balancing act that IT faces. Respondents reported having to focus security efforts on two distinct groups: the users within the organization and those on the outside looking to compromise security.

While a majority (61%) of respondents said they were most concerned with external threats:

  • 20% feared malicious insiders most, and
  • 19% were most concerned by non-malicious internal threats.

A quarter of respondents said that non-approved software (such as shadow IT) and malware were their biggest internal concerns.

What to push for

It’s clear that help is much needed and appreciated. But for IT, that help isn’t necessarily the kind most would initially assume.

While a higher budget was No. 1 on the wishlist at 27%, other helpful resources would include:

  • more security staff expertise (23%)
  • more time to focus on security (22%)
  • service providers (13%)
  • less complex technologies (7%)
  • more staff (5%) and
  • fewer requests from business-line managers (3%).

While it’s usually assumed throwing more staff at a problem would help, that wasn’t quite what mattered to those surveyed. They wanted staff with more expertise in the security field, not just more staff in general. (This is an overall trend that a lot of companies are seeing.)

Of course, priorities will vary by organization, but some best bets for getting the support you need include:

  • Telling a compelling story. Provide clear examples of what an investment will do for security. Show what can go wrong, as well as what success will look like.
  • Highlighting free fixes. Not all IT security projects will require money to execute. Highlight free fixes you want to implement as well in order to show executives your primary concern is security, not increasing your department’s share of the pie.
  • Stressing security matters. Some execs will need extra help to see why security is important to the organization. Emphasize that it’s not just to prevent having a very bad day – it can also be a selling point that separates you from the competition.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy