Posted by Marbenz Antonio on November 29, 2022
As adversaries discover new strategies for causing havoc and increasing profits, cyberattacks are expanding. Attacks usually have real impacts and change over time. Threat actors can utilize ready-made tools against the software supply chain and other crucial systems thanks to the expanding illegal Software-as-a-Service industry. The threat of nation-state strikes is another, with significant instances reported each month and no signs of slowing.
Cybersecurity experts continue to report a global manpower shortage despite these growing concerns. These errors may be harmful to both incident response and prevention. Regardless of team size, understaffed security teams are required to respond to cyber incidents as soon as they occur. Working with such few resources becomes more difficult and more stressful with every incident, which creates an attrition cycle.
Cybercriminals usually launch attacks at off-peak times in an effort to make a fortune when the personnel is away. Because of this, incident responders usually have to work past usual office hours, maybe during or soon before important holidays. The most important time frame after an incident is usually the first 72 hours. During this period, incident responders must identify the main attack vector, stop the intrusion, and start the remediation process.
It is difficult for incident responders because the response to an incident doesn’t end until the situation is under control. According to recent research, security professionals put in a lot of overtime during an incident, usually more than 12 hours per day. 30% of respondents claim that incident engagement lasts even longer, while 48% estimate that engagement lasts an average of two to four weeks. Responders usually manage many incidents concurrently, which increases the time and focus needed.
It’s typical for security professionals to feel guilty after an event. They might have a great sense of duty to protect and stop the inevitable. Especially CISOs can feel compelled to shoulder the weight of responsibility.
Privacy lawyer Alexandra Vesalga highlights the added pressure CISOs must deal with in the wake of recent litigation following an unreported cyberattack.
“CISOs are under a tremendous daily pressure,” Vesalga said. “The cyber threat landscape is changing constantly, and many organizations expect their security teams to be omniscient superheroes, anticipating and preventing any and all threats.”
Cyber incident response missteps may personally affect CISOs. Vesalga continues, “Within these high-pressure cultures, CISOs often feel a personal responsibility for cyber incidents. Pouring gas on the fire, there is a new trend toward personal liability for cyber incidents — just last month, Uber’s former CISO was found guilty on criminal charges for his actions in response to a 2016 breach. He awaits sentencing and could face jail time.”
Responders to incidents feel pressured to work over their physical limitations. In some cases, that can include staying up late and working one or more nights. Lack of sleep can harm the ability to make choices, solve problems, and control signals skills that are important for responding to incidents.
The effects of total sleep deprivation, which lasts for 24 or more hours, are much more harmful to mood, decision-making, and attention. After 24 hours of wakefulness, best martial arts athletes showed signs of depression, confusion, fatigue, and anxiety, according to a new study. In comparison to their regular sleep performance, study participants’ physical performance was much worse when they were sleep-deprived.
Unsurprisingly, a cyber attack causes a lot of experts to have serious negative effects. More than two-thirds of respondents in a recent study said that encountering high levels of stress over an extended time can result in increased levels of anxiety in daily life. As a result of an incident, incident responders also note major sleep disruptions and back pain.
According to a new study, trauma symptoms remain for months following a cyber event. Burnout is common and usually causes significant turnover. The majority of the time, human resource management departments don’t have a formal protocol in place for responding to cyber incidents. Participants in the survey also indicated a desire to change careers or quit the field of cybersecurity altogether. Responders to incidents look for mental health resources even in the absence of specific programs and report having sufficient access to these services.
The best solution is prevention. Response to cybersecurity incidents is a serious responsibility that might be challenging to leave behind. Keiron Holyome from BlackBerry advises companies to design their response expectations with a focus on making sure teams are aware of what to expect.
“If the past two years have proven anything, it’s that no organization in any industry is immune to cybercrime,” Holyome said. “Cybersecurity teams are critical to sustaining business continuity, they cannot afford to switch off and leave organizations at risk — especially because that risk isn’t limited to working days or business hours.”
Holyome goes on to discuss how long hours and stressful working conditions affect security teams. “Alert fatigue and the push to make important decisions with limited experience, knowledge, or context can weigh heavily. When a cyberattack strikes, having a process to follow that reduces pressurized decision-making, and knowing that support is at the end of a phone call, can be a big step towards creating a healthier environment for those working in IT and security roles.”
The threat landscape is constantly changing, necessitating new strategies. Teams require their employers’ support at every stage of the process as they prepare for the next incident.
Burnout among incident responders and other signs of a high-stress workplace are good places for businesses to start. Teams will stay fit and ready for the next attack if incident responders are given time to recover from the added stress of cyber attacks.
Additionally, a well-planned reaction is only effective when staff members have the chance to practice drills to determine who is in charge of what. Staff members might better mentally prepare for event response by practicing tabletop exercises. Working from the familiar minimizes anxiety that comes with the unknown, allowing employees to concentrate on response and correction. During this time, it is possible to emphasize the value of taking pauses from your work and the process for doing so.
Senior leaders must prioritize looking after incident responders. Less turnover and the retention of competent workers in an industry that is continuously understaffed will result from improved working conditions.
Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.
For more information, please get in touch with one of our course advisers today or contact us at firstname.lastname@example.org