IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Security professionals need to become wellness experts

Want to boost your defences? Take some inspiration from health gurus

Illustration of office workers meditating

If you work for a large organisation, you’ve probably noticed that health and wellness have become an area of focus over the past several years. Companies have started offering classes on yoga and meditation to their employees, while promoting mental health and emotional wellbeing. 

There’s a very good reason for this; not only does it aid workforce retention by creating a positive environment, multiple studies have also shown that healthy and fulfilled workers are more productive. This trend has driven companies to expand their focus on employee wellbeing beyond simply reducing work-related stress to elements like diet, sleep, and exercise, all of which play a major role in how effective people are when they’re at work.

The theory is that, because human beings aren’t robots that can compartmentalise their experiences, every element of a person’s life will feed into every other part. Put simply, you’re not going to be able to do your best work if you’re exhausted, depressed, or suffering from an avoidable health condition. Therefore, it’s in employers’ best interests to keep their staff as healthy as possible both in and out of the office.

The same thinking can also be applied to an organisation’s security for a similar effect. This isn’t to suggest that you start a morning pilates session with your incident response team or bring puppies into your SOC once a week (as adorable as that would undoubtedly be) - instead, this is about applying the principles of holistic wellness to your security strategy.

Just like its employees, an organisation’s security is large, and contains multitudes. Most security teams have tools to manage network firewalls, threat detection, API security, and DDoS mitigation, but looking at these areas in isolation is markedly less helpful than thinking of them as smaller parts of a larger whole. Without looking at the bigger picture, it’s easy for gaps in your security to go unnoticed.

Even this, though, is arguably taking too narrow a focus on security. If corporate wellness involves looking at employees’ health outside the workplace, then security wellness must involve considering your defence posture outside the confines of the operations centre. Take file-sharing as an example; if staff are using a grab-bag of different shadow IT applications to share documents, it’s next to impossible to track what data is being shared and clamp down on unauthorised access. By standardising on one central system, it’s much easier to account for filesharing as part of an overall security profile.

Business culture is also important to consider, even beyond the usual advice of making sure that employees are using good password hygiene, not opening suspicious attachments and the like. If there’s an established process in place for requesting things like financial transfers or sensitive document access, spearphishing attempts involving ‘urgent’ emails for wire transfers purporting to be from a C-suite executive will stick out like a sore thumb.

Multi-vector attacks have been the norm for years, and everything from your application front-end to your staff’s personal laptops are a potential target for hackers. Security teams can no longer afford to look at their IT estate in isolation, but by boring some of the strategies of the modern corporate wellness programme, they can de-stress their operations and bring some harmony and balance to their strategy.

To learn more about how you can bring a holistic attitude to your web protection, register now for our free webinar, in association with Cloudflare and Frost

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022