Defending the defenders: addressing stress in the cyber-security field.

Adarma is a client of Business Reporter.

The lack of trained individuals in the field of cyber security has been a continuous and well-documented issue in the industry. Based on a recent survey* by the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG), 76 percent of those surveyed reported facing significant or moderate difficulties when trying to recruit and hire security professionals. Additionally, 95 percent feel that the skills shortage has not improved in recent years, with 44 percent stating that it has actually worsened.

The demand for highly qualified cybersecurity professionals is fierce and creating a proficient security team can be expensive due to the limited availability of skilled individuals. Consequently, many security teams are short-staffed, overworked, and may not have the necessary expertise to navigate the constantly evolving threat landscape. With the responsibility of protecting their companies, responding to emerging threats, and finding opportunities to innovate, it’s no surprise that teams are experiencing burnout and stress.

This behavior is not only detrimental to one’s health, but it is also not feasible in the long run and could result in serious repercussions for both individuals and the companies they are responsible for safeguarding. In fact, over 50% of the organizations surveyed by Adarma expressed concern that the stress and exhaustion faced by their security teams could heighten the likelihood of a cyber-attack.

According to a survey conducted by Adarma, 51% of security operations leaders in the UK from organizations with 2,000 or more employees reported feeling challenged and frustrated. This could potentially lead to errors, exhaustion, and higher rates of turnover. Additionally, 28% of respondents felt that their security teams were hindered in their ability to come up with new and innovative solutions due to these challenges.

Although there are many industries facing high levels of stress, the field of cyber-security has a unique level of worry when it comes to safeguarding against cyber attacks and making data-driven decisions. These roles require a strong level of concentration, but the workdays in cyber-security can often be long and tiring.

Moreover, individuals working in cyber-security tend to have a strong drive and commitment, often taking on a considerable amount of personal accountability for their company’s level of security. This sense of devotion is likely a contributing factor to the heightened stress they face. As cited in the report, a CISO stated, “cyber-security professionals are impacted by their own enthusiasm.”

When questioned about their security teams’ abilities, 42-45% of companies felt that their teams lacked sufficient expertise in the following areas:

by the countries in different regions

To comprehend the dangers that various regions are currently confronting.

“To appropriately identify and address potential threats”

“To comprehend and manage the level of exposure throughout the IT infrastructure.”

To effectively address a real-life situation

·         To measure success and report to the wider organisation

There is a shortage of both personnel and essential abilities within security teams, potentially leading to gaps in defensive capabilities.

Why is it so difficult to address the issue of closing the skills gap and reducing stress within current teams, even though it is a well-known problem? According to Adarma’s research, 60% of leaders view the lack of a security budget as a major obstacle in recruiting and retaining skilled professionals. Additionally, 58% of leaders struggle to convey the importance of security to their organization’s C-suite and board members, making it even harder to secure necessary budgets.

Luckily, a majority of those in charge of security operations (65%) see the potential benefits of hiring from a wider and more diverse pool of talent to help alleviate stress. Additionally, 35% said they would be open to using a third-party security provider to introduce diversity and lessen the workload. Utilizing a managed security service provider (MSSP) allows companies to partially outsource their security requirements and quickly gain access to a diverse range of skills and knowledge. While outsourcing may not be feasible for all organizations, a combination of both approaches could lead to great success.

Investing in strategies that prioritize the well-being and mental health of team members, such as implementing workplace wellness programs, can significantly improve the overall experience of current teams. This can result in increased engagement and job satisfaction, ultimately leading to higher retention rates and a decrease in potential mistakes.

To learn more, go to the website www.adarma.com.

Please refer to the complete report for more information.

About Adarma

We are Adarma, leaders in detection and response services. We specialise in designing, building and managing cyber-security operations that deliver a measurable reduction in business risk. We are on a mission to make cyber-resilience a reality for organisations around the world.

Our dedicated team of cybersecurity experts collaborates closely with our clients to reduce risk and enhance the effectiveness of their investments in cybersecurity. Utilizing the Adarma Threat Management Platform and customized to fit each client’s unique requirements, our comprehensive range of services will enhance your overall security and include top-notch managed detection and response services.

We prioritize transparency and visibility in modern hybrid-SOC environments to safeguard our clients as they advance, evolve, and expand their companies. Adarma provides the necessary cyber-security results to create a significant impact.

The survey was conducted from May 15th to May 22nd, 2023.

Source: independent.co.uk