The human impact of ransomware attacks: how can businesses protect their security professionals?>
IT Security Guru – Tony Hasek
The article calls for a multi-pronged approach of cultural change, training, protective technologies like air-gapping, and leadership prioritizing employee mental health to address the human toll of ransomware on cybersecurity professionals
Ransomware attacks have major financial, operational and reputational impacts on businesses, costing UK companies over £30.5 billion in 2023) However, the human toll on cybersecurity professionals is often overlooked.
48% of CISOs report that work stress has impacted their mental health, and 35% say their physical health was affected, according to a CISO stress report
Factors driving this stress include an increasingly sophisticated threat landscape with AI/quantum threats, lack of cyber resilience in most UK businesses, and a cybersecurity skills shortage putting more pressure on existing professionals
Ransomware attacks often cause high stress, PTSD, guilt and shame among security teams, forcing time off work and straining personal relationships
To address this, a cultural shift is needed with an open, blame-free environment that empowers employees to speak up and seek help when needed
Training, upskilling and dedicated programs can help bridge the cyber skills gap and build operational confidence
Implementing air-gapping to physically isolate critical systems from the internet can reduce exposure and take some burden off security teams
C-level executives need to take ownership of employee wellbeing, including having a “kill switch” to remotely disconnect systems during threats
Prioritizing cybersecurity staff wellbeing is critical, as burnout increases the risk of costly mistakes and data breaches.
Link: https://www.itsecurityguru.org/2024/03/22/the-human-impact-of-ransomware-attacks-how-can-businesses-protect-their-security-professionals