Every now and again, we like to take the opportunity to get a view from the trenches and find out what information security professionals are thinking when it comes to particular areas of their jobs and the technologies they use. It not only gives us a chance to confirm and reaffirm that what we as a company are doing with our products is beneficial, but we get some unique insight on the state of the industry as well.
Take our latest survey; that found that 83% of IT security professionals are often asked by colleagues to help fix their personal computer problems, 80% of that group spends an hour or more a week on such tasks. Even at the lowest end of just an hour spent on this, it equates to $55 per week when you consider that the average IT security personnel salary is $114,388 according to Indeed. Multiply that by the average 31 person headcount for IT security, and it grows to $1,705 per week and ultimately $88,660 per year.
That’s just the bottom end. For the 8% of security professionals who say they spend 5 or more hours a week helping with personal computing woes, this figure could grow to $443,300 per year.
It’s not completely unreasonable for IT security staff to help out their colleagues, but our study does highlight how costly it becomes, especially when you scratch below the surface. For example, organizations are potentially paying qualified security professionals salaries upwards of $100,000 per year and seeing in some cases 12.5 percent of that investment being spent on non-work related activities.
It gets you thinking about the tasks IT security pros have to deal with in a day, some of which are not even security related, like fixing colleague’s computing woes. Others are time-consuming security related tasks that are often done manually, often in a spreadsheet, where they attempt to juggle processes, projects and workflows. We know from our latest State of the Firewall Report that complexity still reigns as a major concern for IT security personnel and are very aware as an industry about that skills gap that keeps growing. We also know that for 40% of these organisations, they still rely on manual processes for dealing with firewall rules and change management.
If organizations were to invest even a portion of that “wasted” spend on more intelligent management solutions that help their IT security personnel keep day-to-day work on track, then it would have a big impact on improving their security postures. It could even potentially reduce the number of staff required to manage complex network security environments.