Suffering from ‘cyber fatigue’? You’re not alone.
Cyber security can cause people to feel overwhelmed, out of their depth and powerless to manage the threats they face today. That's why 'cyber fatigue' is such a common problem.
Cisco addresses this problem in their sixth annual CISO Benchmark Study, which provides an insight into the challenges facing over 2,800 security professionals from 13 countries globally. Issues such as unpatched vulnerabilities, zero trust, and cloud security are covered in the report. But it is cyber fatigue that particularly interested us at teiss.
What is cyber fatigue? It is defined by the study as 'virtually giving up on proactively defending against malicious actors'. Obviously it can really have a harmful impact on organisations. And 42% of respondents were reported to be suffering from cyber security fatigue.
What causes cyber fatigue?
Almost all (96%) of those suffering from cyber fatigue complain that managing a multi-vendor environment can be extremely challenging. There seems to be a strong relationship between multi-vendor environments and growing fatigue. This complexity is the main cause of burnout.
Too many alerts are also proven to exacerbate cyber fatigue. Out of the people suffering from cyber fatigue, 93% of them receive more than 5,000 alerts every day. As alerts increase over the years, so does cyber fatigue.
A third cause of cyber fatigue, perhaps unsurprisingly, is suffering a major and extended cyber breach, with the number of hours of downtime influencing the extent of the fatigue.
How to cure cyber fatigue
How can cyber fatigue be lessened? Because the complexity of security resource management is one of the reasons for cyber security fatigue, outsourcing this management might help. Another strategy is to simplify supply chains.
Steve Martino, Senior Vice President and CISO at Cisco, says: “As organizations increasingly embrace digital transformation, CISOs are placing higher priority in adopting new security technologies to reduce exposure against malicious actors and threats. Often, many of these solutions don’t integrate, creating substantial complexity in managing their security environment. To address this issue, security professionals will continue steady movement towards vendor consolidation."
Another solution is automation, which could be the answer to coping with the volume of alerts. The study explains: 'Automation enables policies to be enforced more consistently, quickly, and efficiently. When a device is determined to be infected or vulnerable, it’s automatically quarantined or denied access with no action required from an administrator'.
And finally fatigue should be reduced as security improves. Increasing reliance on cloud security and automation to strengthen their security posture will reduce the risk of breaches and along with it the fatigue arising from them.
Ultimately, cyber fatigue is a very real and human response to a complex problem. Security leaders need to accept this, looking for ways to reduce stress and burnout if they wish to prevent cyber fatigue from contributing to major security breaches.
source teissLatest Jobs
-
- Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8431 Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Medical / Biotech / Biopharma? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8430 Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Pharmaceutical / Healthcare? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- InfoSec Analyst | London | Financial Services | Hybrid
- London
- N/A
-
InfoSec Analyst | London | Financial Services | Hybrid Governance Risk & Compliance InfoSec Analyst needed to join a Financial Services business in London. This is an internal role- prior experience working within a regulated Financial service environment is essential. Duties of the role will include, but not be limited to; ISMS management / policy enhancement Risk management Data privacy Liaising with internal stakeholders / external suppliers ISO27001 experience is essential- as is previous Financial Service. We aren't badge hunting- but the likes of CISSP, CISM etc are always desirable. Must be commutable to London. Not able to offer sponsorship Exclusive to DCL Search. Apply here today Click to chat via whatsapp https://wa.me/message/6USF5RAQBOZIP1 chris.holt@dclsearch.com 07884666351
-
- Data Privacy Lead. Client Facing London. Permanent.
- London
- N/A
-
Data Privacy Lead. Client Facing London. Permanent. London based client facing. Must be eligible to undergo UK Security Clearance (SC) Key Responsibilities: Lead and support client facing data privacy projects. Assess compliance, define and deliver strategic projects / implement privacy solutions. Manage project teams and develop business opportunities. Required Experience: Experience in data protection and privacy standards. Background in consulting. Skills and Qualifications: Business consulting experience IAPPPrivacy Manager / Privacy Technologist Location Greater London UK based role. Not able to provide VISA sponsorship.