Trend Micro survey: Emotional toll for cybersecurity threats

Trend Micro Incorporated revealed findings from its global survey on the resilience of Security Operations Centres (SOCs) as they continue to encounter a rising number of cybersecurity threats to their businesses.

The global survey polled IT specialists in 21 countries and included 101 Canadian IT security decision-makers in their findings. Overall, study results found that just under half (46 per cent) of SOC/IT security teams were overwhelmed by security alerts. Additionally, almost three-quarters (71 per cent)  of respondents reported being negatively impacted emotionally by their work managing cybersecurity threats and alerts. This includes almost half (43 per cent) reporting they felt so stressed at work they were unable to relax.

“Burnout due to cybersecurity is real. Our data shows just how high the number of Canadian IT professionals experiencing negative emotional effects due the ongoing cadence of security threats is, and this is only exasperated by their concerns of not having the right defensive systems in place to deal with them,” says Greg Young, Vice President of Cybersecurity for Trend Micro in a company press release.

“We expect cyber threats to continue to increase, particularly due to the uptick in ransomware attacks and the personal impact it’s having on IT professionals as a result.

The survey also found that more than half (52 per cent) of Canadian respondents were not highly confident about their organization’s ability to prioritize and respond to security alerts. This, despite companies surveyed reporting having an average of 23 security monitoring solutions in place to deal with ongoing threats. Furthermore, when it came to security infrastructure already in place, two in five companies (41 per cent) admit to not using their existing systems. Reasons for not using their systems included them being out of date (46 per cent), a lack of integration (44 per cent), and difficulties around using it (32 per cent.)

“Throughout the pandemic, most companies have fast-tracked their organizations move to a remote and cloud-heavy world. Change can create cracks in the defenses, meaning a greater attack surface and less visibility,” Young added.

“The world has a shortage of cybersecurity talent, and we need to better care for the cybersecurity teams we have and support them to the best of our abilities. Cybersecurity staff burnout is a real problem that won’t fix itself.”

The survey also found that 64 per cent of companies reported that they expect or are currently dealing with a data breach. The majority of companies surveyed (82 per cent) have a security operations centre (SOC). A little less than half of SOC and IT security teams operate 24 hours, seven days a week (45 per cent.) Companies also reported spending around a quarter of their time investigating false alert positives.