Careers & People

5/24/2017
03:00 PM
50%
50%

Unsanctioned Computer Support Costs Companies $88K per Year

A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.

Security professionals are devoting more than one hour during the work week to assist co-workers who are asking for help in fixing their employee-owned personal computers, according to a survey released Wednesday by FireMon.

The survey of more than 350 IT security pros found 83% help fellow employees in other departments fix their personally owned computers. And of this group, 80% spent an hour or more per week doing this.

This translates into assistance that is costing employers roughly 52 hours a year or more – slightly more than a week's worth of vacation. It also comes at a time when companies are scrambling to fill a shortage of IT security workers.

According to the study, the average salary for an IT security professional is $55 an hour. So when you multiply that with the 52 hours that an IT security worker spends helping co-workers fix their personal laptops and computers, it comes out to roughly $3,000 a year in lost security work, according to the survey. And when you consider the average IT security staff is roughly 31 workers, then that collective figure jumps to a loss of $88,660.

Read more about the study here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
alemax
50%
50%
alemax,
User Rank: Apprentice
6/30/2017 | 7:32:32 AM
Re: Interesting Stats
You are totally right, I have the same opinion. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:24:27 AM
Interesting Stats
This is a good mechanism for comparing work productivity, or lack of, for an overall group of employees.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:18:59 AM
Re: This will only get worse because...
I'm not so convinced that working remotely would increase this cost. The article states that these services are being provided to other departments. I think that working remotely would further segment departments from a social aspect, thus having an employee from a different department less likely request this type of help. Just my opinion.
LindsayCybSafe
0%
100%
LindsayCybSafe,
User Rank: Strategist
5/25/2017 | 6:17:28 AM
This will only get worse because...
Remote working is on the up, as people are using private devices more often and unsecured wifi networks to do work related activites, including uploading sensitive docs to cloud storage. Cybsafe is best to use to educate your workforce and update them with real time threat intelligence.
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17332
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17333
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17334
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
CVE-2018-17336
PUBLISHED: 2018-09-22
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...
CVE-2018-17321
PUBLISHED: 2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.