Close your eyes and imagine an optimum state of happiness. People may envision different things — a beach, a hike through the woods, a family meal — but most cybersecurity teams are dreaming of what I like to call Cyberlandia: the optimum state of cyber readiness, with happy employees who feel empowered to face whatever threats they encounter.
Now open your eyes and picture our current world. The COVID-19 pandemic has impacted nearly every aspect of life. Cybersecurity practitioners, who already had daunting to-do lists, now have to defend an even wider attack surface as most organizations shift to conduct business remotely.
In fact, VMware Carbon Black analytics found that there’s been a 70 percent increase in remote work from February to April, with ransomware attacks increasing 148 percent over baseline levels from February to March. That’s a lot of responsibility for already understaffed teams.
During this pandemic, cybersecurity teams may be feeling like Cyberlandia is an impossible destination. But I’m here to tell you we can still get there. Here’s how:
Put people first
With the workforce now operating mostly remotely, it’s more important than ever to put people first. Cybersecurity business units have traditionally operated in silos with teams working behind closed doors, without any support, and for hours on end. In fact, 60 percent of CISOs admitted they rarely disconnect from work, with 88 percent working beyond traditional business hours, including weekends. This outdated approach to work hinders employee growth, which leads to cybersecurity professionals feeling dissatisfied.
Let’s get out ahead of this before the critical cybersecurity talent waves the white flag. Our work is important and evolving fast. We need to provide cybersecurity personnel with the right resources to flourish. This includes ensuring they have a mentor to speak with at all times, making room for learning and collaboration with other cyber professional through online forums and social media, giving them flexibility to walk away from the computer when they need a break and allowing them to actually use up their lunch hour.
Approximately 80 percent of employees, regardless of their industry, report feeling stressed because of ineffective company communication. In the cybersecurity sector specifically, where projects can be extremely sensitive, hiding certain issues from employees can actually compound those challenges.
Information overload can quickly create stress. A good leader will strategically disclose important information to those who need to hear it. The leader should also filter the information in a manner that keeps teams informed and motivated to do their jobs. It’s a delicate balance, but at the end of the day it’s never a bad thing to be transparent.
Additionally, while more of us are working remotely, don’t be afraid to schedule regular team check-ins. Host video conferences to keep morale up, encourage virtual happy hours, or start to regularly use workplace communication tools to check in on those colleagues who may need to hear from someone. Ask questions that encourage people to talk about more than their daily tasks and make room for conversation.
The insights from responses to non-traditional questions may illuminate stressors or provide the environment for those stressors to be revealed. There’s very little risk in over-communicating, especially now.
Don’t be afraid to make decisions
It’s no longer a question of if but when an organization will fall victim to a data breach. When that happens, everyone will default to the blame game, often pointing fingers at the overworked, understaffed cybersecurity teams.
Leaders must step up during difficult times and make strategic decisions. Decision-making can be uncomfortable, but by standing firm, leaders ultimately empower their teams to operate with a mindset of trust, collaboration and counsel, ensuring they can face the challenge head on with confidence that their leaders have their backs.
Even with the current challenges, Cyberlandia is a place where we can all live, as long as we foster a culture centered of putting people first, strong employee performance and customer satisfaction.
Most importantly, the principles of Cyberlandia will help reduce the cybersecurity talent gap, which is expected to reach 4 million. By reducing stress and creating a culture of trust in which employees believe they can excel, we may have found the key to safeguarding the future of cybersecurity.