Emotional Blowback: Dealing With Post-Incident Stress

Cyberattacks are on the rise as adversaries find new ways of creating chaos and increasing profits. Attacks evolve constantly and often involve real-world consequences. The growing criminal Software-as-a-Service enterprise puts ready-made tools in the hands of threat actors who can use them against the software supply chain and other critical systems. And then there’s the threat of nation-state attacks, with major incidents reported every month and no sign of them slowing.

Amidst these growing concerns, cybersecurity professionals continue to report staffing shortages worldwide. These shortfalls can have a negative impact on incident prevention and response alike. Short-staffed security teams must respond to cyber incidents whenever they happen, no matter the size of the team. Working with such limited resources increases strain and stress with each new incident, creating a vicious cycle of attrition. 

Threat Actors Ignore Business Hours

Cyber criminals tend to launch attacks during off-peak hours in the hopes of scoring big while the staff is absent. As a result, incident responders often must work outside of regular business hours, sometimes during or just before major holidays. The first 72 hours of an incident are usually the most critical. It’s during this time when incident responders must find the primary attack vector, contain the intrusion and begin remediation. 

Incident response does not stop until the situation is contained, which is hard on incident responders. Security professionals work long hours during an incident, oftentimes longer than 12 hours per day according to emotional blowback dealing incident stress