Suffering from ‘cyber fatigue’? You’re not alone.
Cyber security can cause people to feel overwhelmed, out of their depth and powerless to manage the threats they face today. That's why 'cyber fatigue' is such a common problem.
Cisco addresses this problem in their sixth annual CISO Benchmark Study, which provides an insight into the challenges facing over 2,800 security professionals from 13 countries globally. Issues such as unpatched vulnerabilities, zero trust, and cloud security are covered in the report. But it is cyber fatigue that particularly interested us at teiss.
What is cyber fatigue? It is defined by the study as 'virtually giving up on proactively defending against malicious actors'. Obviously it can really have a harmful impact on organisations. And 42% of respondents were reported to be suffering from cyber security fatigue.
What causes cyber fatigue?
Almost all (96%) of those suffering from cyber fatigue complain that managing a multi-vendor environment can be extremely challenging. There seems to be a strong relationship between multi-vendor environments and growing fatigue. This complexity is the main cause of burnout.
Too many alerts are also proven to exacerbate cyber fatigue. Out of the people suffering from cyber fatigue, 93% of them receive more than 5,000 alerts every day. As alerts increase over the years, so does cyber fatigue.
A third cause of cyber fatigue, perhaps unsurprisingly, is suffering a major and extended cyber breach, with the number of hours of downtime influencing the extent of the fatigue.
How to cure cyber fatigue
How can cyber fatigue be lessened? Because the complexity of security resource management is one of the reasons for cyber security fatigue, outsourcing this management might help. Another strategy is to simplify supply chains.
Steve Martino, Senior Vice President and CISO at Cisco, says: “As organizations increasingly embrace digital transformation, CISOs are placing higher priority in adopting new security technologies to reduce exposure against malicious actors and threats. Often, many of these solutions don’t integrate, creating substantial complexity in managing their security environment. To address this issue, security professionals will continue steady movement towards vendor consolidation."
Another solution is automation, which could be the answer to coping with the volume of alerts. The study explains: 'Automation enables policies to be enforced more consistently, quickly, and efficiently. When a device is determined to be infected or vulnerable, it’s automatically quarantined or denied access with no action required from an administrator'.
And finally fatigue should be reduced as security improves. Increasing reliance on cloud security and automation to strengthen their security posture will reduce the risk of breaches and along with it the fatigue arising from them.
Ultimately, cyber fatigue is a very real and human response to a complex problem. Security leaders need to accept this, looking for ways to reduce stress and burnout if they wish to prevent cyber fatigue from contributing to major security breaches.
source teissIndustry: Cyber Security News
Latest Jobs
-
- Outside IR 35 CONTRACT SC CLEARED Cyber Security Operations Analyst SPLUNK ES- UK REMOTE- £500 a day.
- N/A
- 500
-
6 month contract Outside IR35 Operational Cyber Security Analyst. Hands on Splunk Security Enterprise and Security clearance is required As is someone that holds SC clearance. SOC and Vulnerability management experience. Vulnerability Analysis / Management - Tenable
-
- SailPoint Consultant
- Sweden
- Upto €80,000
-
SailPoint Consultant is need for this rapidly expanding global business, The business is currently in the middle of a SailPoint Deployment, they require an experienced Consultant who is able to help them on this Journey You will be responsible for helping to configure and deploy SailPoint as well as on board applications onto the platform You will also work with the business to understand workflow and process to help align the way the business works to ensure that the business gets the most from the deployment We are looking for an experienced SailPoint consultant who has experience with both Deployment and BAU work and is interested in joining a business which is at the start of an interesting IAM Journey
-
- SOC Manager Security Operations. SIEM, Threat / Vulnerability, IR, SOC Service- Exclusive
- United Kingdom
- 90,000+
-
SOC Manager- SIEM, Threat / Vulnerability, Incident response. Exclusive Project. Management and on growth growth of Security Operations Centre capability. Managing and maturing the team, technical services line and fronting client engagements where needed. An in-depth technical background is essential, experience across SOC SIEM/ Threat Hunting (IR) tools, processes, techniques, operational is a MUST. The role will include, but not limited to; evolving the technical process, building operational capability, managing and hiring team, involved at a high level overviewing policy/playbooks, fine turning of the go-to-market collateral etc.
-
- Contact 12 month- Security Operations- Tanium Engineer / Analyst.
- United Kingdom
- Dependent on experience
-
Security Operations engineer / Analyst with Tanium for a 12 month contract. Experience configuring using, managing, supporting troubleshooting Tanium's suite of end point solutions is essential. The opportunity is due to a client expanding its international capability to a follow the sun model. To be involved in spinning up a European capability. Based in the UK. English essential and ideally being fluent in French.