Maksim Kabakou - Fotolia
Security Think Tank: CISOs must adapt to fight Covid-19 burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?
As Covid-19 sweeps across the globe, it forced many organisations to undergo an immediate digital transformation, whether they were ready for it or not. A paradigm shift to nearly 100% teleworking has changed many aspects of how people work, collaborate, access data and even rethink what work-life balance really means.
While some organisations may be better prepared than others, the cyber security challenges and risks still matter greatly to all organisations. Cyber security operations teams had to quickly pivot to stay ahead of the rapidly evolving Covid-19 related threats to protect organisational data effectively. These changes, coupled with existing cyber expectations and challenges, can dramatically increase the workload for cyber security professionals.
The Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) have seen a substantial increase in Covid-19 cyber security threats.
Phishing attacks leveraging pandemic themes are actively targeting businesses of all sizes. Bad actors are conducting sophisticated phishing that preys on the emotions of fear and uncertainty to compromise susceptible users to gain a foothold within an organisation’s network that can be further exploited.
The unfamiliar teleworking conditions for many employees make them more susceptible to malicious content or honest mistakes. These risks drive up the demands on cyber security teams significantly and place a burden on an already stretched workforce.
Managers must adapt
The increased level of effort and sustained onus put on cyber security teams is alarming, not only from the standpoint of protecting the organisation’s sensitive data, but maintaining the wellbeing of each person is now a greater concern than ever before.
Managers accustomed to face-to-face interaction to keep tabs on the well-being of their team now have to use different communication techniques to keep a pulse on how well staff members are faring. It takes more time to have regular interactions and can be more difficult to tell when someone is stressed or feels overloaded.
Furthermore, managers may not be able to help relieve pressure from the fallout of other aspects of life such as schools closing, illness, or childcare not being available that adversely impact their team’s availability.
Regardless, managers still must be cognizant and understanding of these concerns and potential impacts on operations. Contingency planning and transparency for staff absences enables teams to adapt quicker and be less impacted under temporary staff shortages.
Supportive management can make all the difference during challenging and uncertain times. Effective communication and prioritisation can go a long way to relieve concerns and pressure from staff, and to understand each person’s unique situation.
Periodic check-ins with each person and similar meaningful gestures convey to staff that their management cares about them. Providing staff with recognition for their efforts or identifying creative ways to demonstrate their contributions also are meaningful and can increase morale.
Rethink the work-life balance
When you are working from home every day, work-life balance takes on a new meaning entirely. It is easy to have the time saved commuting be absorbed by additional work or responsibilities around the home. The typical start and end time to the workday gets blurred without those traditional break points in the day.
The intensity and demands of cyber operations, off hours alerts, or maintenance windows can add up fast. It is crucial for IT professionals to maintain self-awareness of how much they are working to avoid fatigue and burnout.
Each person handles the changes associated with Covid-19 differently and it is important to identify mechanisms that best suit your own wellbeing. Some approaches each person should consider:
- Taking short breaks between tasks or predefined intervals.
- Set boundaries.
- Make it a point to talk to peers on the phone and/or video chat to maintain connections and reduce the feel of isolation.
- Get a breath of fresh air if possible.
- Identify a new exercise routine or dedicate some time each day to fitness.
- Prioritise good sleep habits.
- Identify ways to increase automation of time consuming repeatable tasks to focus on higher-value challenges.
- Proactively communicate with your management.
- Take time off to recharge.
Covid-19 has presented us all with unique challenges to overcome and the emotional toll it can take on many people is not easily quantifiable or realised until it is too late.
Despite all the pressures related to protecting organisational data and networks, we must prioritise our own wellbeing or our ability to provide effective cyber operations will steadily erode.