Matt Rider, VP of Security Engineering EMEA at Exabeam, discusses the effects of the pandemic and remote work, ways in which organizations can improve company morale, and the impact this will have on security resilience.
The global pandemic may have dominated headlines for much of the last 18 months, but the virus itself is far from the only challenge businesses have faced during that time. As we approach the end of 2021 and light grows at the end of the Covid-19 tunnel, it’s important to take stock of how our working lives have changed during the pandemic and what, if any, impact this has had on an organization’s cybersecurity posture.
Everything, from personal wellbeing and future promotion prospects to team changes and the growth of remote working, has the potential to negatively impact overall morale, leading to disgruntled or disenfranchised employees who pose a major security threat to their organizations.
Leading from the top
There are many ways companies can address these factors and improve company morale, but to be successful, it’s imperative that senior leadership is also on board. A strong sense of team spirit – led from the top – can overcome so many barriers, be it the sense of isolation that comes from over a year of home working, unexpected team departures, reshuffles or even data breaches themselves. Strong communication really is the glue that binds everyone together, particularly during tough times.
Something as simple as checking in regularly with employees is a great place to start, making sure they are okay and encouraging them to destress whenever possible. Small, light-hearted initiatives, ranging from virtual meditation to online happy hours, can also have a big effect. More advanced activities such as mentorship programmes and building new communities within the workforce offer the potential for longer-lasting benefits.
Whatever path is chosen, managers and employees must all work towards transparent and shared business objectives. If this happens, performance will improve, as will trust in leadership. But perhaps more importantly, loyalty and passion for work will grow, strengthening the overall security posture in the process.
Be vigilant for signs of employee burnout
A recent Exabeam study found that during the early days of the pandemic, more than 75% of businesses were forced to furlough members of their security team, despite cyber threats rising exponentially during the same period. For non-furloughed staff, this led to significantly higher stress levels as they were forced to do more with less, including fighting new, unknown cyber threats. This issue was further compounded by remote working, making it harder to collaborate effectively with colleagues and communicate with other departments as needed.
The blurred lines between work life and home life also mean employees throughout the security operations centre (SOC) have been working longer hours and finding it tough to switch off outside of this. As employees continue to juggle their jobs with the distractions of remote working, burnout must be on every business leader’s radar. Boundaries should be set with work schedules and flexible hours offered to those who need them. In short, leaders need to listen to their employees’ needs. Fatigue across departments can lead to costly mistakes such as falling for phishing emails, and on the security side, it can be the difference between an employee spotting or missing key attack indicators.
Regular security training helps keep employees alert to new (and old) threats
Conducting regular cybersecurity training is another cost-effective way of reducing risk and minimizing the chances of careless actions, such as forgetting to log out of a work computer or using weak passwords, leading to a major breach. It also serves as an opportunity to remind administrators to change default passwords and apply security patches.
Carrying out periodic anti-phishing training exercises is another great tactic, particularly among remote workers. This entails sending phishing emails out across the organization and looking for any users that fall for them. Once identified, these users can be given additional training, helping prevent them from falling for genuine attacks and unwittingly becoming compromised insiders.
Bad actors responded extremely quickly to the opportunity presented by the first lockdown and the subsequent, rapidly enforced home-working to create a raft of phishing campaigns and misinformation websites hosting malware – at its peak, over 5,000 COVID-19 related domains were being registered per day during March 2020. Fear, uncertainty and doubt alter the behavior of even the savviest end-users, even more so when we’re isolated at home, where the casual but often vital ‘Hey Polly, have you seen this weird email as well?’ isn’t possible.
The benefits of cybersecurity training also extend beyond basic safeguarding. It can help employees develop new skills, spark interest, and even open up new career paths for those with a particular interest in the topic, which can be invaluable in the face of the ongoing global cybersecurity skills shortage.
Empower employees by giving them the tools needed to succeed
For businesses operating with smaller teams, or still dealing with staff absences, automation tools can also play a huge role in helping to mitigate threats and improve future business prospects. User and entity behaviour analytics (UEBA) is one such tool that tracks, collects, and analyses user and machine data to detect potential breaches. It does this by establishing ‘benchmarks’ for normal behaviour over a period of time, then automatically flagging any behaviour that deviates too far from these benchmarks.
As a result, UEBA can spot unusual online behaviours, such as logging in at strange times/locations, uploading or downloading large amounts of data, or the same credentials being used by multiple users, all of which are tell-tale signs of insider threats. More importantly, UEBA can often spot these behaviours before criminals have gained access to critical systems.
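The baseline-and-deviation idea described above can be sketched in a few lines. This is an added illustration, not Exabeam's product logic or code from the article; the event fields, host names, thresholds and sample history are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed history: (user, login_hour_0_23, megabytes_moved, source_host)
HISTORY = [
    ("alice", 9, 50, "lt-alice"), ("alice", 8, 45, "lt-alice"),
    ("alice", 10, 55, "lt-alice"), ("alice", 9, 60, "lt-alice"),
    ("alice", 8, 40, "lt-alice"),
    ("bob", 22, 5, "lt-bob"), ("bob", 23, 8, "lt-bob"), ("bob", 0, 6, "lt-bob"),
]

def build_baseline(events):
    """Collect each user's observed login hours, volumes and source hosts."""
    base = defaultdict(lambda: {"hours": [], "mb": [], "hosts": set()})
    for user, hour, mb, host in events:
        base[user]["hours"].append(hour)
        base[user]["mb"].append(mb)
        base[user]["hosts"].add(host)
    return dict(base)

def hour_gap(hour, seen_hours):
    """Smallest distance to any seen hour on a 24h clock (23 -> 0 is 1)."""
    return min(min(abs(hour - h), 24 - abs(hour - h)) for h in seen_hours)

def score_event(baseline, event, hour_tolerance=2, z_threshold=3.0):
    """Return the list of deviations from the user's baseline for one event."""
    user, hour, mb, host = event
    profile = baseline.get(user)
    if profile is None:
        return ["no-baseline"]          # cannot judge a user never seen before
    flags = []
    if hour_gap(hour, profile["hours"]) > hour_tolerance:
        flags.append("unusual-login-time")
    spread = pstdev(profile["mb"]) or 1.0   # avoid dividing by zero
    if abs(mb - mean(profile["mb"])) / spread > z_threshold:
        flags.append("unusual-data-volume")
    if host not in profile["hosts"]:
        flags.append("new-source")      # proxy for credentials used elsewhere
    return flags

BASELINE = build_baseline(HISTORY)

if __name__ == "__main__":
    for ev in [("alice", 9, 52, "lt-alice"), ("alice", 3, 900, "kiosk-7"),
               ("bob", 1, 6, "lt-bob")]:
        print(ev, score_event(BASELINE, ev))
```

Note that the night-shift user's 01:00 login is not flagged because the hour comparison wraps around midnight; a naive numeric comparison against hours 22 to 23 would raise a false alert.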
Even before the COVID-19 pandemic, cybersecurity was a challenging industry to work in. But after over 18 months of business disruption, furlough and job losses, combined with a significant rise in the number and variety of cyberthreats out there, it’s become harder than ever for organizations to stay ahead of attackers. While tools and technology can play a big role in helping offset some of these challenges, prioritizing employee wellbeing, education and company culture can play an equally important role, which mustn’t be overlooked.