With the enormous surge in remote working and the urgency around digital transformation, it’s no surprise that cybersecurity teams are feeling stressed and burned out. They’ve been under the pump to secure hurriedly-deployed remote working systems and keep their organisation safe from increasingly-vicious cyber attacks and careless employees who hold a dim view of the security concerns involved.
To keep the cybersecurity ship on course, security teams need to step back and make a plan for maximising their capabilities without burning out in the process. Here are four ways to do exactly that.
1. Declutter your security environment
Do you really need that many cybersecurity platforms and apps and tools? There are so many cybersecurity tools available today that it’s all too easy to wind up with a messy portfolio of different tools from different vendors.
"Studies have shown that companies may have up to 70 different security vendors installed in their company to solve problems." - Ronny Guillaume, Cisco Systems
Respondents to IBM's Annual Cyber Resilient Organisation Report for 2020, who reported using more than 50 security tools, ranked themselves 8% lower in their ability to detect and 7% lower in their ability to respond to an attack than those respondents with fewer tools. IT managers need to audit their tools list and keep only the essentials. This is a strategic decision: no one can defend against 100% of all attacks, and trying to include a tool for every contingency is just not possible. Instead, focus on your critical threat areas and where the biggest security gains are likely to come from.
2. Consider solution suites from a single provider
Many security providers offer solution suites for enterprises. For many organisations, this may be a more effective option. Sourcing a group of tools from the same vendor will not only create cost efficiencies but will also cut down on training and onboarding costs for your staff. It will also save you from the time and costs of finding, vetting and managing a new provider.
3. Extend your team’s capabilities with cybersecurity automation
The manual tasks of managing cybersecurity tools can be extremely time-consuming. The bulk of tasks are often low-level and repetitive, distracting skilled workers from more critical tasks. Let automated tools take over the busywork so that your team can focus their attention on the important stuff. Time savings aside, automation is becoming essential to effective threat defence. Attackers are automating their attacks, making manual responses too slow to be effective. Here’s a primer on what you need to know to get started with cybersecurity automation.
4. Invest in training for the right skills
It’s important that the mix of skills and the skill levels in your cybersecurity team are aligned to both your tech stack and the level of business risk involved. Every organisation is different, but there is some consensus on the skills mix for an “ideal” cybersecurity team. The (ISC)2 Cybersecurity Workforce Study, 2019 of over 3000 cybersecurity professionals from around the world found security operations to be the dominant role, accounting for 22% of roles, and forensics the smallest, accounting for 9% of roles. You’ll need to map out the cyber risks for each critical business function, then tally them with the skills in your current team. That should give a clear direction on where (and who) to upskill and how.
While these tips won’t magically transform your cybersecurity team overnight, they will enhance their capabilities and enable them to accomplish far more with what they have, as well as managing their risk of getting burned out. Good luck!