Businesses should be prepared for an extended period of heightened cyber threats and they need to take action to prevent their cybersecurity staff from being overworked, the National Cyber Security Centre (NCSC) has warned.
While the UK's cybersecurity body says the UK hasn't experienced severe cyberattacks in relation to Russia's invasion of Ukraine, it also warns "now is not the time for complacency".
"From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure, and many have done so," said Paul Maddinson, NCSC director for national resilience and strategy.
"But it's now clear that we're in this for the long haul and it's vital that organisations support their staff through this demanding period of heightened cyber threat."
The NCSC warns that organisations might find it difficult to maintain a strengthened cybersecurity posture for a long period of time, particularly because increased workloads for cybersecurity staff "can harm their wellbeing and lead to lower productivity", which could result in a rise in "unsafe behaviours or errors".
It's also important for organisations to regularly revisit risk-based decisions – if temporary measures were applied to deal with a situation, decision makers might need to consider whether those measures should be made permanent if the threat continues.
Organisations should also look to improve their long-term cyber resilience, because accelerating plans for hardening networks will relieve pressure on the workforce in the long term – it's better to be prepared to defend against an attack before it happens, rather than when hackers are in your network.
But it isn't just about the technology – businesses and decision makers need to make the right decisions for staff too, ensuring that they're able to do their jobs as efficiently as possible.
According to the NCSC, one of the ways to achieve this standard is by delegating day-to-day decision-making processes to appropriate levels. This strategy will allow decision makers to focus on medium-term priorities, while also enabling frontline staff on the ground to be more agile with their own decision-making processes because they don't have to present them to management first.
The NCSC suggests that organisations can be more resilient if they spread cybersecurity workloads across a wider pool of staff, allowing personnel to take breaks and time off, enabling employees to relax and decreasing the risk of burnout. The NCSC also suggests that this approach can provide development opportunities for less experienced staff to build up their skills on the job.
But even ensuring that cybersecurity staff can take breaks and relax might not be enough because the nature of the job means responding to incidents can expose them to harmful or distressing content, difficult decisions, or high-pressure situations that affect their wellbeing.
The NCSC suggests that managers and colleagues should look out for signs that they or their colleagues are struggling, and ensure that they are equipped with the resources to respond