The Human Side of Cybersecurity: Unmasking the Alarming Stress & Burnout
How Automation Technology is Reshaping Stress Management in Security Operations
Before getting into cybersecurity, did you think of yourself as a stress-resilient individual, only to realize now that you are being pushed to your limits? Well, it might not be just your problem. Recent research among 1,027 members of security teams in the U.S. and Europe found that 66% of respondents experience significant levels of stress at work, 51% have been prescribed medication for their mental health, and 19% deal with stress by having three drinks daily. Similar reports and studies can be found in the majority of tech industries, which are transitioning from post-COVID-19 work patterns. What is significant about cybersecurity is that the industry reports both a skilled worker shortage and a cybercrime rate that increases from year to year. In such a context, stress and burnout prevention becomes essential for anyone investing their time in a long-lasting cybersecurity career.
One of the significant challenges of working in cybersecurity is the vast amount of repetitive manual work involved in processing security alerts. In the 2020 State of SecOps and Automation report from Sumo Logic, which surveyed 427 IT security professionals, 70% of respondents stated that the volume of security alerts has more than doubled in the past five years. Moreover, 99% reported that high volumes of alerts cause problems for IT security teams, and 83% said their security staff experiences “alert fatigue.” Alert fatigue, in particular, is cited as a major cause of burnout, high levels of stress, and even flight risk.
Automation is critical to helping analysts process never-ending streams of alerts. SOC Prime lets you handle content deployment and management from a single access point. For example, leading Managed Service Providers like Neurosoft report that their engineering teams have been able to reduce their false-positive rate by up to 50% using the SOC Prime Platform. They can now obtain detection algorithms for emerging threats in less than 24 hours and deploy detection content to their customers’ SIEM with minimum touch-ups, ultimately enabling SOC analysts to focus on investigating incidents rather than combating alert fatigue. Neurosoft’s team is looking further into automating its security procedures using Attack Detective to perform an automated MITRE ATT&CK data audit in less than 300 seconds, gain real-time attack surface visibility, and accelerate threat investigation, which can reduce the manual work burden on the team.
Another cause of stress for people working in cybersecurity is isolation and loneliness. Various factors contribute to this in the workplace. Working in cybersecurity requires a lot of self-study and self-improvement to earn certifications and stay constantly updated on the latest threats. Most of this studying is completed online, with limited interaction with other students or teachers. Within their organizations, SOC analysts can experience distrust and reluctance from colleagues to connect with them, simply because they are perceived as people who have access to a lot of personal information through log access. The adverse side effects of loneliness and isolation stretch far beyond just feeling burned out, which impacts the quality and quantity of your work. Studies show that they can cause deficiencies in physical health and increase the risk of developing coronary heart disease and stroke.
Networking with your peers outside of your organization is one of the ways you can combat feelings of isolation. Some find live events or conventions to be the best way to get to know people, make connections, listen to speakers, and get recharged if they have been understimulated by routine in their current work. However, networking does not have to be expensive or time-consuming. Online communities can be a great place to find safe spaces where you can socialize the way you want. For example, a lot of users choose to stay anonymous on the SOC Prime Discord Community while they ask questions and learn in their role. This might be helpful if you don’t feel safe asking the same of your superiors at work. However, we also give people the option to share their LinkedIn profile in dedicated channels and signal to others that they are looking for new opportunities. It’s also a safe space to speak up about your daily struggles. Most of the challenges we face in the workplace are very common, so you can get extra insight from somebody who has gone through the same issues.
The power of information exchange can be a driving force for automating your daily SOC routine. By leveraging Uncoder AI, you can streamline detection engineering operations and build threat research on top of collective industry expertise, so that reduced manual effort means more fun and less stress.