Just over a quarter of organisations have an in-house cyber-security expert and half have no IT security experts of any kind.


Spiceworks polled more than 600 IT professionals in the UK and US to see if they're adequately countering the rapidly growing levels of cyber-attacks. It was found that 29 percent of organisations have a cyber-security expert working in the IT department, and only seven percent have an expert in another department or on the executive team.


Almost a quarter (23 percent) of organisations pay outside security experts to help protect their environments and fill the knowledge gap. A concerning 55 percent of organisations don't have regular access to any IT security experts at all, internal or third-party.


Cyber-security is a priority for 73 percent of CIOs and senior IT leaders, followed by 56 percent of CTOs and 54 percent of CEOs. Less than 50 percent said cyber-security is a priority for their CFO, COO or CMO. Yet most organisations (80 percent) experienced at least one security incident last year.


More than 80 percent of IT pros are confident in their ability to respond to cyber-attacks on laptops, desktops and servers. They are also relatively certain that they are capable of securing and protecting storage devices and networking hardware (72 percent). They are less confident in their ability to respond to cyber-attacks on tablets (58 percent), smartphones (52 percent), cloud services (44 percent) and IoT devices (36 percent).


The data indicates that more can be done to protect company networks from the increasing number of threats through IT training, IT security certifications and employment of security specialists.