29 May 2017

Report looks at biggest stressors in average cyber pros’ day


by Tony Ware

Immature programs resulting in excessive vulnerabilities maintenance and backlogged compromise investigations are fueling high stress and systems distrust, according to a survey of 400 individual contributors and management personnel working in cybersecurity, fraud, risk and compliance.

“A Day in the Life of a Cyber Security Pro,” an Enterprise Management Associates infobrief written by David Monahan for Bay Dynamics, finds 67 percent of federal respondents feeling overwhelmed by the volume of vulnerabilities and threat alerts received. 

A contributing frustration factor was revealed to be a significantly labor-intensive manual patching approval process. In addition, inefficient alerting systems generating false positives and improperly prioritized alerts that need manual reassessment are contributing to that feeling of being overwhelmed. According to the survey, the failings in automated systems are requiring analysts to spend 24 to 30 minutes to investigate each incident and up to 64 percent of tickets are not worked per day.

Taking into account these factors, a tools issue needs to be addressed and any feeling of program maturity are from management buffered from the direct impact on operations.

No comments: