2024-02-04 03:00:00
February 4, 2024 – 00:00
The mental health of security analysts: a challenge that organizations must address. How burnout and other issues can impact employee effectiveness.
Pixabay
For many years, the security analysts they gave priority to your work above its mental health. However, cracks are beginning to appear. The exhausted and overwhelmed analysts are another silent cybersecurity epidemic that organizations will have to manage.
The content you want to access is exclusive to subscribers.
subscribe I am already subscribed
According to Gartner, the 50% of cybersecurity leaders they will change positions from here to 2025 due to the work stress and the exhaustion. Jinan Budge, an analyst at Forrester, assures that managing the exhaustion and the mental health is a priority for the security team. The CISO (Information Security Officers) must address the lack of importance that is given to mental health before it is too late.
Find out more
analyst-digital.jpg
The adverse effects of ignoring fatigue on safety
He professional burnout is included as “occupational phenomenon” in the 11th Revision of the International Classification of Diseases (CIE-11). There World Health Organization (WHO) defines it as a syndrome caused by inadequate management of work stress. He energy depletionthe feelings of negativity or the cynicism towards one’s own work and decreased personal effectiveness are three listed symptoms of job burnout. It is also known as “burnout”.
When it comes to safety, burnout affects both business results and individual effectiveness. In a survey conducted by Enterprise Strategy Group and ISSA, two-thirds of cybersecurity professionals rated their work as “difficult”. Almost half of them consider leave your job. This might cause a continued reduction of SOC equipment (Security Operations Centers, for its acronym in English), in addition to the existing gap between supply and demand. A smaller SOC team might mean a increased risk of data breachin addition to a greater possibility of financial and reputational losses.
Addressing mental health issues in SOC teams
In addition to the primary responsibility of improve security maturity In their organizations, CISOs are tasked with fostering security teams highly productive. This involves addressing the various problems that affect the mental health of security analysts. Among these are the exhaustionthe levels of motivation and the lack of security automation.
burnout_1000.jpg
Pexels
CISOs can approach it in four ways
- Recognize burnout in security teams: The growing shortage of qualified professionals has led SOC teams to perform tasks beyond their scope and capacity. Faced with the constant threat of cyberattacks, security analysts and incident response personnel feel pressure to remain alert 24/7. Acknowledging the existence of the large-scale problem instead of hiding it can lead to discussing possible solutions and best practices for the entire sector.
- Foster an environment of open communication: CISOs should encourage employees to prioritize their mental health, normalize asking for help, and utilize the services the organization offers. Providing mental health support in the form of work-life balance, adequate time off and support for analysts – in case of work overload – would be a good start. Some organizations also offer internal health services to their employees.
- Implementation of an effective recovery plan: Many CISOs are aware that they are responsible for situations that can cause enormous losses to the organization. Corrective measures such as investing in cyber insurance and implementing a customized, error-free incident response strategy will go a long way to ensuring a plan B is in place. It is also likely to reduce the stress that a frontline analyst would face.
- Invest in security analysis platforms: The advent of Artificial Intelligence (AI) means that organizations can now invest in security analytics solutions that automate secondary and repetitive tasks. It also frees up time and resources for SOC teams. Analysts can prioritize issues that require their time over false positive alerts or minor incidents.
Financial versus: dollar or Lebac, what market analysts recommend
Any member, regardless of level, can experience exhaustion. As analysts grapple with a endless alertsCISOs and SOC managers have to face the fear to be held responsible for any sudden incident of cybersecurity and its repercussions.
It is necessary a increased awareness regarding mental health in security equipment. Attackers continue to use sophisticated techniques to penetrate company networks and devise new ways to deploy social engineering techniques.
By Ram Vaidyanathan, IT Security Evangelist at ManageEngine.-
1707015929
#key #sustainable #success #cybersecurity
