Cyber attacks continue to increase and impact all organizations. As such, a recent study by IBM Security highlighted that 67 percent of incident responders are experiencing greater stress or anxiety due to the pressures of responding to a cyber incident. Therefore, as cyber incident response continues to become more challenging and cumbersome, it’s important for organizations to provide sufficient operational and psychological support to help reduce stress for responders.
The study surveyed more than 1,100 cybersecurity incident responders across 10 countries and found that specifically the rise of ransomware has exacerbated the stress/psychological demands required during cyber incident response, with 81 percent of respondents reporting this sentiment. Still, a vast majority of respondents (nearly 80 percent) said that the sense of duty to help and protect others/businesses was by far the most influential factor attracting them to the profession. The study also revealed that the first 72 hours of responding to an attack are seen as the most stressful. And more than a third of respondents said they are working over 12 hours a day during the most stressful period of the engagement. The average incident response engagement is 2-4 weeks according to 48 percent of respondents. And nearly 30 percent indicated that an incident response engagement lasts more than 4 weeks on average. The overwhelming majority reported that it’s common to be assigned to respond to two or more incidents that overlap. One of the most effective ways to increase your organizational cybersecurity resilience and alleviate the stress of incident responders at the same time is by developing and practicing an incident response plan. Read more at SecurityIntelligence.