Incident responders primarily drive a strong sense of duty to protect others. This responsibility is increasingly being challenged by the escalation of disruptive attacks, from the spread of Ransomware attacks to the recent rise in malware swabs, according to IBM Security.
The global survey of more than 1,100 cybersecurity incident responders in 10 markets revealed trends and challenges that incident responders face due to the nature of their profession. Key highlights include:
sense of service – More than a third of accident responders were drawn into the field by a sense of duty to protect and the opportunity to help others and businesses. For nearly 80% of respondents, this was one of the main reasons for their attraction to international relations.
Multiple fronts fighting Amid an increasing number of cyberattacks in recent years, 68% of incident responders surveyed stated that it is common for them to be tasked with responding to two or more overlapping incidents simultaneously.
Impact on daily life High demands for cyber security posts also affect the personal lives of incident responders, with 67% experiencing stress or anxiety in their daily lives. Insomnia, fatigue and impact on social life or relationships followed as effects cited by respondents. Despite these challenges, the vast majority acknowledged that they have a strong support system.
“The real-world repercussions of cyberattacks are now causing public safety concerns and growing risks of market stress,” he said. Lawrence Dane, the global leader, the IBM Security X-Force Incident response. “Incident responders are the frontline defenders who stand between cyber foes causing disruption, safety and continuity of critical services.”
While many IR teams are forced to face many battlefronts, companies can be left without the resources to mitigate and recover from cyberattacks. An IBM study found that 68% of incident responders surveyed find it common to simultaneously need to respond to two or more cyber security incidentsto highlight a constantly running field.
Among US respondents, 34% said the average duration of IR engagement was 4 to 6 weeks, while a quarter stated that the first week was often the most stressful or demanding period for engagement. During this period, about a third of respondents work more than 12 hours a day on average.
Since incident responders tolerate the stress and high demands associated with electronic response, the vast majority of responders admitted to having a robust support system. Specifically, most respondents feel that their leadership has a solid understanding of the activities involved in international relations, while 95% say it provides the support structure necessary for them to succeed.
84% stated that they have adequate access to mental health support resources, while 64% of incident responders seek mental health assistance due to the challenging nature of responding to cyberattacks.
But companies can provide more support to incident responders, whether it’s in-house blue teams or the external external relations teams they engage in in the event of a cyber crisis, by prioritizing cyber preparedness and creating plans and operating manuals tailored to their environment and resources. This can help enable a more agile and rapid response at the onset of an incident and relieve an unnecessary layer of stress across the company.
To this end, situational awareness of their infrastructure is important. Companies can focus on testing their state of readiness through simulation exercises, not only to get a sense of how their teams will react when under attack, but to provide opportunities to properly integrate the multiple teams involved during a cyber incident.