Rapid changes to the IT security landscape in the past two years have left internal staff struggling to keep abreast of new threats.
Few IT shops are well equipped to deal with the level of forensic analysis required to deal with compromised machines, according to Darren Beilby, incident response expert for Security-Assessment.com.
Many of the security techniques used for detecting a compromised machine two years ago no longer apply, he said.
"A couple of months ago we were at a site where it was obvious to us that a rootkit was installed on a few Unix machines and we took forensic copies of the machines which proved they were first compromised nine months before," Beilby said.
Without a solid grounding in IT security and specialist expertise, Dr Craig Valli, senior lecturer in computer and network security at Edith Cowan University, WA, said most IT organizations will not cope with today's threats.
"The fact is IT managers should have a grounding in theory to see where the vulnerabilities are and then call on the techie guys," Valli said.
"Rootkits, spyware and some 'bot' technology is well ahead of the game and getting more sophisticated in ways of bringing a network down."
Professor Bill Hutchinson, IBM chair of Computer and Information Security at Edith Cowan University, said he sees very few IT managers attending short courses, mainly because most organizations are focused on keeping the lights on.
"Some specialized security courses are $5000 a day and are just a long lunch," Hutchinson said.
"IT managers are saying they have not got the time for training or education. An accountant would not say they have not had the time to learn changes in corporate law."
Ron Gascoigne, IT manager for Holmesglen TAFE, said appropriate security courses are hard to design because of the changing nature of what is in fashion at any point in time.
Gascoigne said most IT managers study a specific security niche privately that relates directly to the equipment their employer uses.
Naveen Sharma, associate director of Information Technology for Griffith University said the level of specialization required means a lot of organizations are appointing dedicated IT security managers.