Security professionals need to become wellness experts

Want to boost your defences? Take some inspiration from health gurus

Illustration of office workers meditating

If you work for a large organisation, you’ve probably noticed that health and wellness have become an area of focus over the past several years. Companies have started offering classes on yoga and meditation to their employees, while promoting mental health and emotional wellbeing. 

There’s a very good reason for this; not only does it aid workforce retention by creating a positive environment, multiple studies have also shown that healthy and fulfilled workers are more productive. This trend has driven companies to expand their focus on employee wellbeing beyond simply reducing work-related stress to elements like diet, sleep, and exercise, all of which play a major role in how effective people are when they’re at work.

The theory is that, because human beings aren’t robots that can compartmentalise their experiences, every element of a person’s life will feed into every other part. Put simply, you’re not going to be able to do your best work if you’re exhausted, depressed, or suffering from an avoidable health condition. Therefore, it’s in employers’ best interests to keep their staff as healthy as possible both in and out of the office.

The same thinking can also be applied to an organisation’s security for a similar effect. This isn’t to suggest that you start a morning pilates session with your incident response team or bring puppies into your SOC once a week (as adorable as that would undoubtedly be) - instead, this is about applying the principles of holistic wellness to your security strategy.

Just like its employees, an organisation’s security is large, and contains multitudes. Most security teams have tools to manage network firewalls, threat detection, API security, and DDoS mitigation, but looking at these areas in isolation is markedly less helpful than thinking of them as smaller parts of a larger whole. Without looking at the bigger picture, it’s easy for gaps in your security to go unnoticed.

Even this, though, is arguably taking too narrow a focus on security. If corporate wellness involves looking at employees’ health outside the workplace, then security wellness must involve considering your defence posture outside the confines of the operations centre. Take file-sharing as an example; if staff are using a grab-bag of different shadow IT applications to share documents, it’s next to impossible to track what data is being shared and clamp down on unauthorised access. By standardising on one central system, it’s much easier to account for filesharing as part of an overall security profile.

Business culture is also important to consider, even beyond the usual advice of making sure that employees are using good password hygiene, not opening suspicious attachments and the like. If there’s an established process in place for requesting things like financial transfers or sensitive document access, spearphishing attempts involving ‘urgent’ emails for wire transfers purporting to be from a C-suite executive will stick out like a sore thumb.

Multi-vector attacks have been the norm for years, and everything from your application front-end to your staff’s personal laptops are a potential target for hackers. Security teams can no longer afford to look at their IT estate in isolation, but by boring some of the strategies of the modern corporate wellness programme, they can de-stress their operations and bring some harmony and balance to their strategy.

To learn more about how you can bring a holistic attitude to your web protection, register now for our free webinar, in association with Cloudflare and Frost

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021