The demands of the job of the cybersecurity professional means that more than half work on the weekend.
According to a survey of 360 information security professionals at Infosecurity Europe 2017 by Farsight Security, 57% work weekends and, on average, nearly a third (29%) work ten hours a day. Also, more than half (51%) of respondents said that they had missed an important event due to a security related incident at work more than once.
“Securing the internet, our businesses and national infrastructure is one of the world's most critical challenges. Cybersecurity professionals work hard behind the scenes to avert disasters that we rarely hear about, and we need more like them," said Dr Paul Vixie, CEO, co-founder and chairman of Farsight Security.
In an email to Infosecurity, Maxine Holt, principal analyst at the ISF, said that IT and information security is a 24-hour issue, and this is recognized and understood by professionals working in the sector.
“Organizations must be prepared to deal with incidents around the clock, and the 6-Ps mantra – ‘proper preparation and planning prevents poor performance’ – is highly applicable,” she said.
“A comprehensive and approved information security incident management framework, supported by a process for the identification, response, recovery and post-implementation review of information security incidents, is strongly recommended. For those organizations without a rota for supporting out-of-hours incidents, formalizing the situation can avoid having the same people called every time there is an incident.
“Sharing the workload – with reward – not only helps team working but also can also support the upskilling of individuals who may not otherwise volunteer.”
Nathan Wenzler, chief security strategist at AsTech Consulting, told Infosecurity via email: "There's definitely been an uptick in the kind of security incidents that require immediate attention, and there doesn't appear to be any relief coming anytime soon. Even with the increased use of automated tools and defenses, there's still a need for the kind of analysis and communication that only a human can provide. This is one of the main reasons that having a formal incident response program and team in place before a serious problem takes place is so critical for all organizations. Many have plans to deal with the technical issues, but usually fall short on identifying who should be a part of handling an incident, who will be in charge of leading the effort, and who will handle communication.
“Most security professionals I've worked with feel that working weekends or off-hours is just what comes with the territory of our field, but, that doesn't mean that they are the only ones who can help address a security incident.
“Organizations can and should do much more to help support their security teams by formally identifying the other members of the incident response team, documenting response procedure and cross-training all members to ensure that when a security incident does take place, the full burden of the effort doesn't rest on the on-duty security professional.”