A/NZ security teams overwhelmed by threats, face risk of burnout
A significant number of security operations centre (SOC) teams in Australia and New Zealand are emotionally overwhelmed by the volumes of security alerts.
This is according to a new study by Trend Micro, which looks at SOC and IT security teams in Australia and New Zealand dealing with high levels of stress outside of the working day.
According to the study, two thirds (66%) of respondents say their home lives are being emotionally impacted by their work managing IT threat alerts.
This comes as three in five (60%) feel their team is being overwhelmed by the volume of alerts and 43% admit that they aren't entirely confident in their ability to prioritise and respond to them.
The study also finds that teams are spending on average 26% of their time dealing with false positives.
These findings are corroborated by a recent Forrester study, which found that security teams are heavily understaffed when it comes to incident response, even as they face more attacks.
Outside of work, the high volumes of alerts leave many SOC managers unable to switch off or relax, and irritable with friends and family.
Inside work, they cause individuals to turn off alerts (45% do so occasionally or frequently), walk away from their computer (49%), hope another team member will step in (57%), or ignore what is coming in entirely (45%).
With a significant 66% of respondents already dealing with a breach or expecting one within the year, and the estimated average cost per breach at USD$235,000, the consequences of such actions could be significant, the researchers state.
Dr. Victoria Baines, cybersecurity researcher and author, says, "We're used to cybersecurity being described in terms of people, process and technology.
"All too often, though, people are portrayed as a vulnerability rather than an asset, and technical defences are prioritised over human resilience. It's high time we renewed our investment in our human security assets.
"That means looking after our colleagues and teams, and ensuring they have tools that allow them to focus on what humans do best."
Trend Micro technical director A/NZ Mick McCluney says, "SOC team members play a crucial role on the cyber frontline, managing and responding to threat alerts to keep their organisations safe from potentially catastrophic breaches.
"But as this research shows, that pressure sometimes comes at an enormous personal cost.
"To avoid losing their best people to burnout, especially as Australia and New Zealand face ongoing cybersecurity talent shortages, organisations must look to more sophisticated threat detection and response platforms that can intelligently correlate and prioritise alerts.
"This will not only improve overall protection but also enhance analyst productivity and job satisfaction levels."
The study is based on interviews with 2,303 IT security decision makers in 21 countries. This includes leaders who run SOC teams (85%) and those who manage SecOps from within their IT security team (15%).