PostedThe State of the Security Team, we learned that many of the issues contributing to team stress pointed back to one critical element — the support of the executive team.Security teams are under more stress than ever. While that fact may not exactly make you fall out of your chair with surprise, our recent research report found that a whopping 75 percent of security professionals say they have more stress now than they did two years ago. So while the high levels of stress may not be shocking, the factors that are causing them to rise at such a significant rate are certainly worth digging into. In LogRhythm’s latest research,
So How Can We Help our SOC Team Deal with Mounting Stress Levels?
While escalating stress on the security teams may at first seem like an arbitrary thing, this is a significant issue for leadership to address. Our own CSO, James Carder, often says that working in security can feel like you are sitting on top of a powder keg that could explode at any time. Facing that strain on a daily basis can lead to rapid rates of burnout, apathy, turnover, and even higher amounts of mental health concerns in the security field.
A job in the SOC can feel like a thankless back office job that only gets recognition when things go wrong. For a space that already deals with staffing shortages, carrying the risk and organizational reputations on its back, and a job that is constantly changing, this is a recipe for disaster when it comes to having a healthy and high-functioning security team. So as a security community and as leaders, how can we work to turn the tide and make life better for our security experts? Based on our findings, here are five ways we can begin to make a positive impact:
1. Gain support and alignment from the executive board on the objectives of the security program and the business value it provides.
Having the support of the executive team and board is critical. In our research, we found that 57 percent of survey respondents said their program lacks proper executive support. However, when asked what makes a security professional want to leave their job, the respondents listed the lack of executive accountability as the primary reason they are on the hunt.
Gaining buy-in and alignment with the exec team is critical in making sure your program has the budget and resources it needs to be successful. It also ensures that the security team is representing the value it provides to the company’s leaders. This mutual level of understanding not only helps to ensure a successful security program, but it also smooths out other areas of potential friction for security teams in an organization (e.g., gaining support from other departments that need to comply with security mandates). Learn more about gaining support for your security program here.
2. Create a solid plan for your security operations centre.
The survey uncovered another resounding pain point: Security teams don’t have a great strategy when it comes to their tech. Sixty-eight percent of respondents acknowledged that they have overlapping security solutions, and 56 percent said that overlap is unplanned. Not only is this a big hit to an already strained security budget, but it also means that security teams are spending time they don’t have to maintain and integrate too many disparate solutions.
But even with all this tech on hand, a massive 92 percent of respondents said that they need additional preventative solutions to close security gaps, and 93 percent admitted that they lack the tools they need to detect known security threats. It’s no wonder our teams are frustrated — they have several tools to maintain that are doing the same or similar jobs, but they still can’t achieve their goal of detecting known security threats. Only 32 percent stated that they have a single place to visualize real-time threats. It isn’t sustainable that we ask teams that are short-staffed and under-resourced to maintain the technology that isn’t achieving the purpose of the SOC — and asking teams to connect the dots from system to system to quickly identify threats just isn’t working.
For many teams, fixing this issue may require taking a hard look at the existing tech stack, identifying the overlaps, and prioritizing security ask to fill in the gaps. Even if you are working with limited resources, building a solid plan for your security operations centre can help your teams get out of this tech tailspin. You can learn more about how to build a plan for your SOC here.
3. Make a plan to recruit and hire skilled security talent to build a strong team.
Heading into 2020, more than half of security teams said they are facing a talent shortage. If your team is constantly struggling to find and retain top talent, having a plan in place for your staffing models, budget, and how these align with your organizational goals can help to steady the ship. You can get more tips on hiring for your SOC here, as well as some job description templates to get you started.
4. If you are part of the board or executive team, do your part to set the cybersecurity program up for success.
Too often, the cybersecurity program is an afterthought to a company’s overall strategy. Even leadership roles like CISO and CSO, which should be seen as strategic leaders, are sometimes viewed as purely technical roles. This may have worked in the past, but the reality of cyber risk demands that this notion change. Matt Doan put this aptly in The Harvard Business Review when he wrote, “It’s time for boards and C-suite executives to reset their expectations of how cybersecurity is positioned and what a cyber leader is.” Cybersecurity leaders need to have as much influence in an organization as their peers, and they need the CEO and board to recognize that a good cybersecurity strategy is essential to a business’s success.
5. Know that security is everyone’s responsibility.
Even if your role is outside the SOC, it’s important to educate yourself on security best practices to help your organization avoid cyber risk. Anyone who has access to an organization’s physical facilities and digital systems can be the weakest link for an attacker to leverage. Understanding how to avoid common pitfalls and risks will help to make your security team’s life a little easier. These free security awareness posters can help keep best practices top of mind.
No matter if you are the CISO, the CEO, a board member, an engineer, or a marketer, security is everyone’s responsibility. Learn more about the challenges affecting security teams and ways you can help in our new research: The State of the Security Team: Are Executives the Problem?