Overview
In times of increased cyber threats, organizations face pressure on their systems, processes, and personnel. This document outlines strategies for sustaining a robust cyber posture while ensuring the well-being of staff. Prioritizing employee welfare is not only an essential human resource consideration but also a critical component in upholding an organization’s security and resilience.
Understanding Extended Threat Periods
There are instances when cyber threats can escalate significantly, often due to geopolitical issues. Organizations may experience:
- A brief acute phase requiring immediate enhancements to defenses and mitigation of vulnerabilities, followed by
- A prolonged protracted phase where a reinforced cyber posture is necessary to handle remaining risks from the elevated threat.
Although the threat level may eventually decline, it is unlikely to revert to previous standards. Organizations might need to adjust their defensive measures to fit the evolving security landscape. The NCSC will continue to provide guidance to assist organizations in evaluating the cyber threat level.
Potential Organizational Impacts
Maintaining an enhanced posture over time can be challenging. Increased demands on cybersecurity staff can affect their health and productivity, potentially leading to unsafe practices.
Implementing the following measures can help maintain a strong security stance while safeguarding employee welfare.
Establish Core Security Practices
To stay alert during heightened cyber threats, ensuring fundamental security controls in your organization are effective is vital. Refer to our guidance on Actions to Take When Threat Levels Rise. The absence of visible cyber attacks does not imply a reduction in adversary capabilities; it may instead reflect that your security measures are functioning as intended.
Review Your Risk Decisions
During the acute phase of a cyber threat, you may have implemented risk-based temporary defenses. If the threat persists, it is imperative to reevaluate those initial decisions to ensure the extended defenses are practical for long-term application.
Enhance Long-term Cyber Resilience
A prolonged cyber threat may indicate permanent changes in adversary tactics, necessitating a robust focus on cybersecurity and resilience. Accelerating initiatives to secure networks and improve resilience will ease the burden on your workforce over time. The NCSC offers guidelines to assist with this, including:
Empower Your Team
In response to cyber threats, leaders may seek tighter control, which can add pressure on frontline team members. Delegating day-to-day decision-making can empower teams and allow leaders to concentrate on strategic objectives. This approach encourages a nimble response by leveraging the knowledge and experience of those directly involved. Frontline staff can better interpret evolving threat information from media and help guide the organization’s strategy.
Balance Workloads
Employees exposed to higher workloads during a response can quickly become overwhelmed. Distributing tasks evenly across a broader staff base enhances organizational resilience and offers development chances for less experienced personnel. Rotating team members in frontline positions can promote sustainability. Organizations should also be prepared to bring in additional personnel if threats escalate.
Facilitate Staff Breaks
Periods of increased cyber threat may result in staff extending their work hours and neglecting breaks, which can diminish well-being and lead to burnout. This concern is heightened for those engaged in continuous monitoring or being on-call. Ensure employees allocate time for rest and can engage in less intense tasks. This rejuvenation period is crucial for staff wellness and fosters organizational resilience. Consider:
- Ways to encourage staff to take breaks and disconnect from work
- Flexible options for staff to focus on their personal needs, including leave or flexible working arrangements.
Support One Another
Team members involved in cyber response efforts may confront distressing content and high-stakes scenarios, which can adversely affect their well-being. This is particularly relevant if heightened threat periods correlate with significant media events. Managers and colleagues should be vigilant for signs of distress and ensure access to appropriate support resources tailored to both the organization’s and individual needs. NCSC provides guidance on Prioritizing Employee Welfare During Incidents.
Involve the Entire Workforce
While the focus may be on those most affected by the response, every member of the workforce plays a pivotal role in reinforcing the organization’s cyber defenses. Rapid operations can hinder communication, leading to decreased productivity and coordination. Ensure that:
- Effective internal communication processes are established to connect all response participants
- Staff are equipped to identify and report suspicious activities (as highlighted in various security awareness initiatives).
Based on an article from ncsc.gov.uk: https://www.ncsc.gov.uk/guidance/maintaining-a-sustainable-strengthened-cyber-security-posture
