IT security staff need to reduce workload

Companies need to be careful that valuable IT staff aren't being sidelined by mundane tasks that could be passed off to generalists delegates at the Gartner IT Security conference were warned.

As functions like patch management and anti virus protection become easier they should be passed off to operations staff according to keynote speakers. Too often companies were tying up staff with business issues or run of the mill security work and not getting the best from staff.

"Security is no longer dealing with breaches, it's about dealing with important matters like intellectual property protection," said Bob Gleichauf, chief technology officer for Cisco's security technology group.

"But I go to other companies where security guys are spending time with audit controls and the like. IT has to go and get budgets for a case that business folks decide they don't want; it's a waste."

By wasting security staff's time companies could be leaving themselves open to the real threats said Neil MacDonald, vice president distinguished analyst for Gartner.

"We need lot of focus on internal threats, botnets, and keyloggers, this doesn't require operations staff. Security staff should focus on more high skill high intensity problems, not nitty gritty details."