With increasing regulatory scrutiny accompanying the rising incidence of cyber threats in the post-pandemic landscape, security professionals are feeling the heat. Over 72% of security analysts in Singapore are feeling overwhelmed, with one in five frequently ignoring security alerts, according to a study by Trend Micro on the mental well-being of cyber security professionals.
Organisations can no longer ignore this growing epidemic of fatigued and chronically stressed cyber security professionals, which has affected their ability to stay vigilant and responsive in a fast-evolving threat environment with increasingly sophisticated cybercriminals.
Increased pressure and stakes
Today’s changing digital landscape has fundamentally redefined and expanded the scope of cyber security surveillance. The rise of the remote workplace has created a complex environment of remote working endpoints, cloud apps, and IoT devices. As a result, cybersecurity professionals are faced with increasing job scopes and staggering alert volumes.
Over half (51%) of IT security decision-makers globally indicated that their teams were drowning in alerts, while 70% of cybersecurity professionals said they feel emotionally affected by their work and 55% admitted they were not confident in their ability to prioritise or respond to these alerts.
Needless to say, alert fatigue increases the chances of a catastrophic breach. Some alerts will slip through without being properly investigated and be incorrectly dismissed, becoming false negatives, while many more will turn out to be false alarms that consume over a quarter (27%) of security operations time on average.
Asia Pacific simply cannot afford to lose more talent to burnout as the shortage of cyber security frontliners becomes more acute.
Be properly equipped
To mitigate alert fatigue, cyber security leaders need to leverage improved cyber security tooling to minimise burnout and address the emotional toll on security analysts in today’s risk landscape.
Over the years, many APAC organisations have accumulated various security tools, and each point solution generates large quantities of alerts daily. Without regular efforts and the right expertise to optimise these solutions, they may end up being counterproductive to identifying and remediating real threats.
Organisations should look to a common platform to prioritise and correlate alerts across various layers of IT infrastructure, including email, endpoints, servers, and cloud workloads. This helps security analysts to filter out the noise and work more efficiently, while better supporting remote workers in a secure environment.
Relieving the burden of mundane, repetitive tasks can significantly reduce security analysts’ workloads. Using managed services for automated threat detection and response solutions empowers security teams to perform more comprehensive and effective threat investigations without all the tedious legwork and burden of regular tool optimisation.
Create a sustainable security culture
Investing in the right solutions is a crucial starting point, but alert fatigue is both a technical and a process problem. Cyber security leaders and top management also need to develop a better workplace culture.
Offering security analysts regular job and task rotation introduces variation in daily assignments to help combat alert fatigue. On the other hand, incorporating rewarding training and project opportunities helps to further personal and career development, improving job satisfaction along with the overall team’s capabilities.
For instance, managers could alternate days assigned to alert monitoring with management reporting, projects, threat hunting and intelligence, and regular cross-functional training, rotating analysts to ensure consistent monitoring coverage. Alternatively, managers could allocate analysts to specific tasks for four-hour blocks of time, rotating among personnel to ensure no one spends more than four consecutive hours or eight hours in total per day on alert monitoring.
Managers should also take a more proactive approach to prioritising employee wellness and identifying early signs of burnout by building stronger relationships with and among security teams, fostering open communication, and offering flexible work arrangements to support a healthier work-life balance.
It is only with happier and more productive employees, empowered with the confidence to detect and remediate serious breaches at speed, that business leaders can invest more productively in new digital initiatives to drive innovation and growth. In a protracted post-pandemic recovery, this is the critical factor that will set apart companies that thrive from those that merely survive.
Nilesh Jain is Vice President, Southeast Asia & India at Trend Micro