IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NCSC concerned for UK cyber experts burning out over Russia-Ukraine cyber war

The nation's cyber authority has provided organisations with advice on how to deal with an extended period of heightened threat

The UK’s National Cyber Security Centre (NCSC) has issued guidance to information security teams on how to maintain strong digital defences amid an “extended period of heightened threat”.

It comes as the organisation’s concerns grow over the well-being of the nation’s cyber practitioners who are having to keep resilient cyber defences as a result of the ongoing kinetic and cyber war between Russia and Ukraine.

The cyber authority has listed several measures UK businesses and organisations can take to ensure their security experts remain happy, healthy, functional, and efficient throughout the period of ongoing conflict. 

The first is to ‘get the basics right’ - ensuring the basic cyber hygiene controls within a business are enabled. These include checking for software patches, verifying access controls, and enabling comprehensive logging and monitoring systems. The full list of ‘basics’ is laid out in a separate NCSC article

Many organisations took risk-based decisions at the start of the conflict to introduce additional temporary defences. Now that the conflict appears to be a long-term threat, these decisions should be revisited to ensure the security environment is equipped for battle in the long term.

Re-assessing the workloads of every member of the team should also be considered, the NCSC said. To free up space for leaders to tackle other priorities, it could be effective to empower frontline staff to take on additional decision-making responsibilities, and could even lead to more agile responses that are informed by the experiences of those on the front line. 

Additional responsibilities should be weighed evenly throughout the wider team though, to prevent burnout and increase development opportunities for all involved. 

Taking regular breaks and encouraging staff to lean on each other for emotional support, providing they feel comfortable doing so, are also advisable strategies to manage the prolonged period of conflict, said the NCSC. 

What are the NCSC’s main concerns?

The IT industry is steeped in notoriety for the prevalent burnout experienced by workers across many branches of the industry and the NCSC said there is an increased risk of cyber professionals suffering from the condition.

Longer hours, taking fewer breaks, and dealing with additional threat vectors on top of the usual adversarial threats that are expected in the cyber security industry are all contributing to increased workload across teams.

Related Resource

Securing endpoints amid new threats

Ensuring employees have the flexibility and security to work remotely

Whitepaper cover with image of female employee working at home on laptopFree Download

Some staff are also involved in round-the-clock monitoring or being required to be on-call for emergencies which can limit the ‘downtime’ they can enjoy away from work. By promoting a work culture that encourages breaks and rest, rather than a total focus on work and preparedness, is one way cyber security teams can manage the prolonged workload brought by the ongoing cyber war.

“Cyber security teams were already under mounting pressure in the months leading up to the invasion of Ukraine: handling a global pandemic, a rise in ransomware attacks and the Log4j vulnerability, alongside the usual levels of ongoing malign cyber activity,” the NCSC said. 

“These extended periods of intense pressure on cyber security teams raise the risk of poor wellbeing and even burnout, with a potential associated rise in unsafe behaviours and errors. Staff welfare is a critical component of an organisation’s security and resilience.”

What is an extended period of heightened threat?

Cyber security is an often unrelenting role that requires high levels of vigilance at all times. The number of cyber security threats faced by businesses continues to rise each year and the ongoing cyber war between Russia and Ukraine is presenting additional requirements for the job. 

An extended period of heightened threat typically involves two phases, the NCSC said: an acute phase where organisations scramble to implement temporary defences at the start of a conflict and a protracted phase when a strengthened security posture should be maintained as conflict continues.

The UK is now in the protracted phase which is where the complications and concerns over experts’ welfare have become increased.

“Over time, the cyber threat may come down again, but it is unlikely to return to the previous baseline,” said the NCSC. 

“Organisations might maintain aspects of their strengthened posture for the long term, in response to a changed threat landscape. The NCSC will continue to issue guidance to help organisations assess the level of the cyber threat.”

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

What is cyber warfare?
Security

What is cyber warfare?

20 May 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
Google is now spending a staggering amount on blockchain
Business strategy

Google is now spending a staggering amount on blockchain

17 Aug 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022