Mental Health of Cybersecurity professionals || Increase in nation state attacks
CyberInsights #61
Stress and anxiety in cybersecurity is rising
Skill shortage only exacerbates this.
It’s Friday evening. As you prepare to close all the open tabs you also mentally accept the fact that you are never going to read those articles once the tabs close. Out of habit, you do one final “Send/ Receive” of your mail before signing off. There is a familiar ‘ting’ from your laptop. An incident has been reported.
It’s part of the job.
The investigation has to begin immediately. There are decisions to be made. Board members to be informed. Regulators to be notified. Customers to be assuaged. Before that, you have to have long conversations with the server team, the network team, the software development team and the SOC. You heave a sigh of despair and settle down for the weekend…
Every cybersecurity professional has had to go through this multiple times. Sometimes to investigate incidents, or worse - to prepare presentation for the board.
The challenge for the cybersecurity professional is not responding to the incident. It is the sheer pressure of having impossible deadlines and multitude of reporting.
This article, aptly titled “A mental health minefield” has begun the discussion on this very important issue.
Here is a paragraph verbatim from the article:
“Even before the Great Resignation became a trending topic for business execs across the globe, the cyber security sector was deep in a skills crisis. In 2021 the global cyber security skills shortfall stood at 2.7 million workers globally, including nearly 200,000 in Europe and 33,000 in the UK. It’s especially tough on security operations (SecOps) teams working through mounting challenges in the security operations centre / center (SOC). Research shows that over two-thirds (67 percent) of security leaders feel they don’t have enough talent on their team. This puts them in a vicious circle of continuous firefighting, which in turn increases the strain on mental health.”
The frontlines of cybersecurity are mentally challenging. Security alerts are thrown at you at impossible speeds. Incident analysis is days and days of combing through logs. Tracking of patches and fixes is somehow the infosec guy’s job.
Add to that audit fatigue. Cybersecurity is probably the most audited department in the company. Here you have a recipe for disaster!
Take Action:
First, recognise that mental health is a concern. If you are a CISO, keep a tab on the hours that your team works. Keep a tab on the deadlines - filter out the unreasonable ones.
Then, discuss with your teams about mental health. Find out what can be done to improve it. While dividing tasks among team members, also consider the mental pressures required to complete the job.
Nation State attacks on the rise
Albania has severed diplomatic ties with Iran over alleged cyber attacks.
The Albanian prime minister, Mr. Edi Rama, made the following televised statement:
Iran has denied this. However, the US has imposed further sanctions on Iran over this.
Meanwhile, a Palestinian hacktivist group has claimed credit for compromising Israel run PLCs.
Nation state attacks are now the norm, rather than the exception. It’s far easier and stealthier, not to mention cheaper, to indulge in cyber attacks than regular ones.
Take Action:
If you are considered critical information infrastructure in your country, then consider nation state attacks as a key component of your threat model while conducing a risk assessment.
Figure out if you are anywhere in the attack chain. You could be a key supplier to critical infrastructure or a data centre storing critical information data.
Follow the updates from your country’s critical information infrastructure group. If you are in India, follow NCIIPC - the National Critical Information Infrastructure Protection Centre.
Enjoyed reading? Receive this in your email every week.