How cyber security teams can conquer the four-day working week

When switching off is not an option

We all know the cyber team is critical to sustaining business continuity. If the past two years have proved anything, it is that no organisation in any industry is immune to cyber crime. From attacks targeting government bodies and charities to food manufacturers and their supply chains, all companies are at risk. And that risk isn’t limited to working days or business hours.

In 2021, for example, the REvil ransomware gang took advantage of the US’s fourth of July holiday as a distraction. This Kaseya attack, notably recognised as one of the biggest cyber attacks of the year, affected between 800 and 1,500 businesses worldwide, as well as demanding $70m to provide a universal decryptor key for all affected organisations. The financial impact of a breach can be deeply damaging to a business, not to mention the reputational impact.

The pandemic has also underlined the pressure on cyber skills and resources. Organisations have expanded their roster of connected services and devices to digitally transform and adapt to the challenges of Covid-19. With this came new security vulnerabilities for attackers to gain entry, exploit and cripple businesses.

In some part, teams have been successful in taking on the dual mission of supporting business continuity and protecting the enterprise and its customers. But the digital skills gap persists. So, with the added pressures of new technologies, yet limited staff, how does an IT team meet the cyber needs of its organisation in a condensed week?

Balancing act: symbiosis between technology and humans

Humans alone can only do so much. In the field of cyber security, an overworked and thinly stretched IT team can open organisations to greater threats than necessary. Alert fatigue is a genuine challenge for IT teams managing cyber security solutions, where sharp focus and a keen eye for spotting the genuine threats are key to successful protection.

Artificial intelligence (AI)-enhanced analytics can provide a human-like touch to alerts and threat vectors gathered from all endpoint feeds – including email, server, cloud and network sources – to detect, reduce time to respond and resolve major incidents as quickly as possible. With sophisticated algorithms, AI can spot malicious activity in minutes – slashing detection time to a much shorter window and flagging even the smallest concerns.

A BlackBerry study showed that, in half of businesses, IT staff are spending more than five hours a week administering and updating signature-based anti-virus solutions. Deploying AI-based solutions to automate signature-generation processes immediately reduces or eliminates this task, freeing almost a day a week of time in itself.

Such automated services also offer the option for teams to benefit from continuous monitoring of various attack surfaces to prevent malicious malware and phishing attempts from attacking customer environments. In a condensed week, this can give cyber teams the confidence on non-working days that they won’t come back to a mountain of security alerts and potential breaches. The joys of the four-day week should encompass not having to worry about work on your days off.

Yes, the four-day week can be a reality for cyber teams

By outsourcing services and technologies to cyber security companies, cyber teams can partake in modern and sustainable work practices without compromising security. Designed to detect, respond and exercise a zero-trust attitude, technologies can act as an extension of today’s cyber teams. Options to outsource managed services further reduce the load on the in-house IT team and reinforce the knowledge that threats will not slip through the net while the staff are offline.

When 99% of incidents are “noise” and only 1% call for further investigation, outsourcing alert management can ease the way to reduce admin intervention and focus attention on the few alerts that absolutely matter. In this way, a reduced working week can be realistically achievable – even for a small team.

Having to always be “on” while adapting to this new way of working is not easy when any reduction in surveillance gives attackers ample leeway to strike. Cyber security is critical and not a function that can afford to stop working for any length of time at all.

The advantages of AI and the benefits of outsourcing or augmenting your team with threat management experts alleviates the ongoing pressures of cyber surveillance to make a shorter working week viable, even for this most critical of business functions.

Keiron Holyome is vice-president of the UK, Ireland and the Middle East at BlackBerry