ESG Research Report: Security Management and Operations: Changes on the Horizon. ESG surveyed 315 security professionals working at North American=based enterprise organizations (i.e. more than 1,000 employees) 30% of security professionals said that the security team spends too much time reacting to problems (and not enough time with proactive security management and planning) 24% said that there was a lack of security skills within the IT department. 23% said they had too many security tools and 19% said their organization lacks the appropriate level of security intelligence to make accurate and timely decisions.”]