Why team spirit is just as important as technology when it comes to security resilience

Matt Rider, VP of Security Engineering EMEA at Exabeam, discusses the effects of the pandemic and remote work, ways in which organizations can improve company morale, and the impact this will have on security resilience. 
Matt Rider, VP of Security Engineering EMEA at Exabeam, discusses the effects of the pandemic and remote work, ways in which organizations can improve company morale, and the impact this will have on security resilience. 

The global pandemic may have dominated headlines for much of the last 18 months, but the virus itself is far from the only challenge businesses have faced during that time. As we approach the end of 2021, light grows at the end of the Covid-19 tunnel; it’s important to take stock of how our working lives have changed during the pandemic and what, if any, impact this has had on an organization’s cybersecurity posture. 

Everything, from personal wellbeing and future promotion prospects to team changes and the growth of remote working, has the potential to negatively impact overall morale, leading to disgruntled or disenfranchized employees that pose a major security threat to their organizations.

Leading from the top

There are many ways companies can address these factors and improve company morale, but to be successful, it’s imperative that senior leadership is also on board. A strong sense of team spirit – led from the top – can overcome so many barriers, be it the sense of isolation that comes from over a year of home working, unexpected team departures, reshuffles or even data breaches themselves. Strong communication really is the glue that binds everyone together, particularly during tough times. 

Something as simple as checking in regularly with employees is a great place to start, making sure they are okay and encouraging them to destress whenever possible. Small, light-hearted initiatives, ranging from virtual meditation to online happy hours, can also have a big effect. More advanced activities such as mentorship programmes and building new communities within the workforce offer the potential for longer-lasting benefits. 

Whatever path is chosen, managers and employees must all work towards transparent and shared business objectives. If this happens, performances will improve, as will trust in leadership. But perhaps importantly, loyalty and passion for work will grow, strengthening the overall security posture in the process.

Be vigilant for signs of employee burnout

recent Exabeam study found that during the early days of the pandemic, more than 75% of businesses were forced to furlough members of their security team, despite cyber threats rising exponentially during the same period. For non-furloughed staff, this led to significantly higher stress levels as they were forced to do more with less, including fighting new, unknown cyber threats. This issue was further compounded by remote working, making it harder to collaborate effectively with colleagues and communicate with other departments as needed. 

The blurred lines between work life and home life also mean employees throughout the security operations centre (SOC) have been working longer hours and finding it tough to switch off outside of this. As employees continue to juggle their jobs with the distractions of remote working, burnout must be on every business leader’s radar. Boundaries should be set with work schedules and flexible hours offered to those who need them. In short, leaders need to listen to their employees’ needs. Fatigue across departments can lead to costly mistakes such as falling for phishing emails, and on the security side, it can be the difference between an employee spotting or missing key attack indicators. 

Regular security training helps keep employees alert to new (and old) threats

Conducting regular cybersecurity training, is another cost-effective way of reducing risk and minimizing the chances of careless actions, such as forgetting to log out of a work computer or using weak passwords, leading to a major breach. It also serves as an opportunity to remind administrators to change default passwords and apply security patches. 

Carrying out periodic anti-phishing training exercises is another great tactic, particularly among remote workers. This entails sending phishing emails out across the organization and looking for any users that fall for them. Once identified, these users can be given additional training, helping prevent them from falling for genuine attacks and unwittingly becoming compromised insiders. 

Bad actors responded extremely quickly to the opportunity presented by the first lockdown and the subsequent, rapidly enforced home-working to create a raft of phishing campaigns and misinformation websites hosting malware – at its peak, over 5,000 COVID-19 related domains were being registered per day during March 2020. Fear, uncertainty and doubt alters the behavior of even the savviest end-users, even more so when we’re isolated at home, where the casual but often vital, ‘Hey Polly, have you seen this weird email as well?’ isn’t possible.

The benefits of cybersecurity also extend basic safeguarding. It can help employees develop new skills, spark interest, and even open up new career paths for those with a particular interest in the topic, which can be invaluable in the face of the ongoing global cybersecurity skills shortage.

Empower employees by giving them the tools needed to succeed

 For businesses operating with smaller teams, or still dealing with staff absences, automation tools can also play a huge role in helping to mitigate threats and improve future business prospects. User and entity behaviour analytics (UEBA) is one such tool that tracks, collects, and analyses user and machine data to detect potential breaches. It does this by establishing ‘benchmarks’ for normal behaviour over a period of time, then automatically flagging any behaviour that deviates too far from these benchmarks. 

As a result, UEBA can spot unusual online behaviours, such as logging in at strange times/locations, uploading or downloading large amounts of data, or the same credentials being used by multiple users, all of which are tell-tale signs of insider threats. More importantly, UEBA can often spot these behaviours before criminals have gained access to critical systems. 

READ MORE:

Even before the COVID-19 pandemic, cybersecurity was a challenging industry to work in. But after over 18 months of business disruption, furlough and job losses, combined with a significant rise in the number and variety of cyberthreats out there, it’s become harder than ever for organizations to stay ahead of attackers. While tools and technology can play a big role in helping offset some of these challenges, prioritizing employee wellbeing, education and company culture can play an equally important role, which mustn’t be overlooked.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Matt Rider

Matt Rider is VP of Security Engineering EMEA at Exabeam.

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...