70% of cybersecurity experts are under stress outside of working hours
Jay Radcliffe of Boston Scientific, known for hacking devices, said several cybersecurity experts committed suicide last year. Still, he chose not to name them out of respect for the relatives of the deceased's.
Radcliffe struggled with depression for a long time and talked about his mental illness struggle at Black Hat USA.
This decision came from the realization that many in the cybersecurity field face similar, often overlooked challenges.
Unfortunately, сyber security professionals face high workloads and stresses daily.
Vulnerabilities in the system, false alarms of security equipment, and most importantly, hackers make the life of InfoSec specialists as hot and exciting as a volcano.
As part of the study, Trend Micro interviewed 2,303 executives (including those responsible for information security and SOC departments) in companies from different industries.
70% of respondents said their life and emotional state outside of work is affected by the workload associated with processing alerts for potential cybersecurity threats.
At the same time, 51% of those surveyed believe that their team of specialists receives too many alerts, and 55% admit that they aren't entirely confident in their ability to correctly prioritize and respond to the notifications received from the system.
What prevents a cybersecurity specialist from sleeping peacefully and what to do if there is no more strength to work − you will find the answers to these and other questions right now!
Table of Contents:
Security specialists sacrifice their nerves, health, and sometimes even the most valuable − their lives.
So, one of the resonant cases in cyber security was the mysterious death of Barnaby Jack, a 35-year-old ethical hacker. He discovered vulnerabilities in ATMs, pacemakers, and insulin pumps.
Jack passed away a few days before his speech at the Black Hat conference in Las Vegas.
He planned to make a presentation on vulnerabilities in pacemakers, which allow remotely, at a distance of about 9 meters, to send a command to the pacemaker that will send an 830-volt shock to the heart and kill the patient.
Jack also found a way to reprogram the pacemaker so that death would occur after a specified time. In addition, he suggested that using a built-in wireless module; such a device could "infect" the pacemakers of other people in range and thus cause a deadly epidemic.
Jack first presented his findings at the BreakPoint hacker conference in Melbourne in October 2012.
Barnaby Jack became widely known in 2010 after reporting on vulnerabilities in ATMs that allow withdrawing all available cash. Later, ATM software developers fixed these vulnerabilities.
Before his death, Jack worked as a security specialist at IOActive. Many people who knew him expressed concern and regret over his mystic death, noting that he was a good person.
Jack's death is not the first death of an information security specialist.
A mysterious death also died Aaron Swartz − an Internet security activist who advocated the free flow of information. Officially, the cause of death of 26-year-old Schwartz was suicide.
However, users of social networks refuse to believe in the named cause of death. They believe that it was a deliberate murder due to the vigorous anti-hacking activities of activists.
A recent Forrester stud also corroborates Trend Micro's findings:
Information security departments are understaffed to provide effective incident response, and attacks are on the rise. Security Centers need more effective detection and response methods; thus, XDR systems provide a completely different approach than other tools on the market.
Many SOC managers find it difficult to relax outside of work due to the overwhelming number of warnings and may experience irritation, which they later take out on their families.
As a result, a cyber security specialist suffers from unnecessary stress and guilt towards his family for rude words; and a family that doesn't understand what's going on.
Found that during working hours, some security workers turn off warnings (43% do this from time to time), and also leave their workplace (43%) and hope that another team member will deal with the alarm system signals (50%).
There is a certain amount of rationality in this because many sensors (active and passive) of alarm systems are hypersensitive to individual components (for example, sudden temperature changes), so sometimes the security system can give a false call.
We are used to describing cybersecurity systems as talking about people, processes, and technology. However, people are often portrayed as part of a problem or vulnerability rather than an asset, and the technical aspect of protection is more important than human capabilities. It's time for us to resume our investment in human resources in the field of information security.
Dr. Victoria Baines, author, and researcher in the field of cybersecurity
74% of respondents have already faced successful cyberattacks or will have to deal with them within a year. The estimated average losses from each attack are estimated at $235,000, and the consequences can be catastrophic.
SOC team members play the first role in protecting infrastructure from cyber threats, as they must receive alerts of potential attacks and investigate incidents to avoid negative consequences for the organization. But this study shows that this pressure sometimes leads to extremely high levels of stress.
Bharat Mistry, a CTO at Trend Micro
Bharat Mistry also said that organizations must look for better platforms to detect and respond to threats to avoid losing top performers to burnout. These tools will help you intelligently correlate data from different sources and prioritize incident investigation.
This approach will increase system security and improve the productivity and job satisfaction of information security and SOC employees.
Moreover, stress at work often causes not only burnout but also health problems. Constant stress can lead to chronic diseases.
For example, a persistent state of anxiety can quickly raise blood pressure, which can stretch the walls of the veins. After a period of prolonged stress experienced by cybersecurity professionals, the problem can become severe.
For example, in the United States, 42-year-old Daniel Kaminski, a cybersecurity researcher who found and eliminated a critical vulnerability in the Internet structure, died of diabetic ketoacidosis. It was likely fatigue, stress, and anxiety that could provoke a deterioration in Daniel's health, which led to an exacerbation of chronic diseases and death.
Increased stress can also lead to serious mental health problems (for example, depression, paranoia, mania, etc.), which can have dire consequences.
As you can see, every working day of a cyber-security specialist is stressful. But what if you have no strength left at all? Don't panic! From my experience, I am convinced that there is a way out of emotional burnout.
When we find the lovely work, our soul burns, and all we want is to surrender ourselves entirely to the brainchild, which brings pleasure and profit.
But, you must admit that even the most beloved work can be disappointing if you don't have time for your personal life and rest.
If you want to be successful and happy, it is essential to maintain a work-life balance.
Dealing only with work issues, other areas of life can sink so much that one day you will look back and realize that you no longer have hobbies, friends, and family.
You no longer want to go to the cinema, theaters, and exhibitions; you don't want to travel and eat deliciously. You will turn into a robot − perfect but insensitive. I, of course, exaggerate a little, but you get the point.
Image source – facebook.com
I am sure that almost all of my readers have experienced emotional burnout at least once in their lives. How does it manifest itself?
So, here are several symptoms that indicate that you need to take a break:
- you have insomnia, or vice versa − you constantly want to sleep
- apathy, loss of interest in life
- lack of appetite
- irritability, gloom
- negativism: the world paints in gray tones
- indifference to loved ones
- lack of motivation
- desire to quit everything
- tearfulness, aggression
If you notice at least two points from this list, you need to take urgent measures to improve your emotional state!
I have compiled some valuable tips that I tried on myself and want them to help you too:
- If you feel apathy, lack of energy, and aversion to work − urgently take a vacation for at least a week and allow yourself to do nothing: turn off your mobile phone, limit reading the news, and protect yourself from negativity. Take yourself a school vacation (sometimes you can).
- Do what you've never done − try a new dish, take a trip to a neighboring city you've never been to, or try a new sport. New emotions trigger the release of dopamine, and, as a result, you will feel a surge of energy.
- Spend time with family and friends, ask about their affairs. If you take a break from your usual routine, you will see how diverse and beautiful the world around you is.
- Remember to eat healthy and balanced. Follow a healthy daily routine and eat plenty of foods that contain "happiness hormones" − chocolate, bananas, herbs, rice or pasta, green tea, turkey, etc.
The most important thing to do is shift the focus of attention from the problem and negative emotions to the world around you.
Don't get hung up on shades of gray − the world is much more interesting than you think.
Try to live by the new rules for a week, and you will see how much correct daily routine and a positive attitude will change your life!
Success in a career depends on the quality of sleep and rest. As much as we want to be perfect workers, we must never forget that we are not robots but ordinary people with our problems, mood swings, and bad days.
In the profession of a cyber specialist, it is essential to give yourself time for rest and personal life; otherwise, you can lose vitality and optimism.
My dear cyber enthusiasts, maybe you also know some secret tips for dealing with job burnout? Share your experience in the comments − perhaps your advice will inspire other people to new achievements.
Take care of your health!