Careers & People

5/24/2017
03:00 PM
50%
50%

Unsanctioned Computer Support Costs Companies $88K per Year

A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.

Security professionals are devoting more than one hour during the work week to assist co-workers who are asking for help in fixing their employee-owned personal computers, according to a survey released Wednesday by FireMon.

The survey of more than 350 IT security pros found 83% help fellow employees in other departments fix their personally owned computers. And of this group, 80% spent an hour or more per week doing this.

This translates into assistance that is costing employers roughly 52 hours a year or more – slightly more than a week's worth of vacation. It also comes at a time when companies are scrambling to fill a shortage of IT security workers.

According to the study, the average salary for an IT security professional is $55 an hour. So when you multiply that with the 52 hours that an IT security worker spends helping co-workers fix their personal laptops and computers, it comes out to roughly $3,000 a year in lost security work, according to the survey. And when you consider the average IT security staff is roughly 31 workers, then that collective figure jumps to a loss of $88,660.

Read more about the study here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
alemax
50%
50%
alemax,
User Rank: Apprentice
6/30/2017 | 7:32:32 AM
Re: Interesting Stats
You are totally right, I have the same opinion. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:24:27 AM
Interesting Stats
This is a good mechanism for comparing work productivity, or lack of, for an overall group of employees.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:18:59 AM
Re: This will only get worse because...
I'm not so convinced that working remotely would increase this cost. The article states that these services are being provided to other departments. I think that working remotely would further segment departments from a social aspect, thus having an employee from a different department less likely request this type of help. Just my opinion.
LindsayCybSafe
0%
100%
LindsayCybSafe,
User Rank: Strategist
5/25/2017 | 6:17:28 AM
This will only get worse because...
Remote working is on the up, as people are using private devices more often and unsecured wifi networks to do work related activites, including uploading sensitive docs to cloud storage. Cybsafe is best to use to educate your workforce and update them with real time threat intelligence.
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
763M Email Addresses Exposed in Latest Database Misconfiguration Episode
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.