Security ops teams struggle to switch off at home

by Joseph K. Clark

According to a new study compiled for Trend Micro, the security operations center (SOC) and IT security teams are reeling from high-stress levels and cannot switch off when the working day is done.

The poll of 2,303 IT security and SOC decision-makers spanned organizations large and small across multiple verticals. Still, regardless of business size or specialism, it found that 70% of respondents felt their work managing threat alerts emotionally impacted their personal lives once they were off the clock.

Many managers said the high volumes of alerts left them unable to switch off or relax and irritable around friends and family. At work, they tended to be more likely to turn off alerts – 43% said they did so occasionally or frequently – walk away from their computers, hope a colleague steps in, or ignore the warning, increasing their organization’s risk exposure.

A total of 51% of respondents said they felt their team was being overwhelmed by alert volume, and slightly more, 55%, said they were not entirely confident in their ability to prioritize and respond to alerts – as much as a quarter of all the time on the job was spent dealing with false positives.

home

Commenting on Trend Micro’s findings, security expert and author Victoria Baines said: “We are used to cybering security being described in terms of people, process, and technology. People are often portrayed as a vulnerability rather than an asset, and technical defenses are prioritized over human resilience.

“It is high time we renewed our investment in human security assets. That means looking after our colleagues and teams and ensuring they have tools that allow them to focus on what humans do best.”

Trend Micro’s Bharat Mistry added: “SOC team members play a crucial role on the cyber front line, managing and responding to threat alerts to keep their organizations safe from potentially catastrophic breaches. But as this research shows, that pressure sometimes comes at an enormous personal cost.

“To avoid losing their best people to burnout, organizations must look to more sophisticated threat detection and response platforms that can intelligently correlate and prioritize alerts. This will improve overall protection and enhance analyst productivity and job satisfaction levels.”

Stress and burnout have become a perennial issues for security professionals, even more so during the Covid-19 pandemic, as was demonstrated by a recent survey of members of ClubCISO, a private members forum. Over 60% of those surveyed in that instance said they had experienced increased stress during the past 12 months, and many said the direct reports on their teams felt the same way. Even now, as vaccination programs ramp up and governments begin to chart a way forward, a number still said their security teams were experiencing “unbearable” stress believing this damaging their ability to function as needed.

Related Posts