Intelligent CIO North America Issue 19 | Page 33

EDITOR ’ S QUESTION
CHRISTOPHER HILL , CHIEF SECURITY STRATEGIST , BEYONDTRUST

I think it ’ s safe for us to admit that most employees across the world are experiencing some sort of cyber fear fatigue . This combined exhaustion and fear overload can have a negative impact on cybersecurity posture .

We ’ ve been immersed in COVID protocol for over two years . Our travel options have been limited , and most of us have endured numerous other restrictions , depending on where we live .
Thus , we ’ ve been even more of a captive audience , watching in dread from our seats at home as some of history ’ s most significant cybersecurity breaches and compromises have unfolded in seeming continual succession .
The weight of cyber fear fatigue is probably heaviest for those forced into working remotely since the initial Coronavirus wave – way before the idea of variants had entered the picture .
However , C-level executives have lived in fear since day one of shutdowns and the massive , rapid-scaling of remote work .
In a recent survey from Munich Re , 81 % of the C-level respondents said they didn ’ t feel adequately protected against cyberthreats .
There comes a point when you fear something so much you get sick of it , then you get inured to it and maybe even complacent . That ’ s how fatigue can work to wear down our defenses .
We are all exhausted with the relentless cyberattacks that continue to cripple businesses , economies and critical supply chains . The pandemic has just exacerbated the exhaustion , while making our jobs harder and attackers ’ jobs easier .
As cybersecurity professionals , we need to do a better job holistically with cybersecurity .
Until we can position ourselves and our companies in a way that can be better prepared to deal with cyberthreats , we will continue to live in fear and we will continue to endure the fatigue associated with living in fear .
The weight of cyber fear fatigue is probably heaviest for those forced into working remotely .
We need to break out of this unhealthy cycle . General fatigue and cyber fatigue set employees up to miss things that should pique their interest , while dampening their response times . Fatigued employees make mistakes . No one is immune to this – it ’ s a human response to persistent fatigue .
As individuals , each of us has varying levels of tolerance , or resistance , to fatigue . However , as an organization , we are only as secure as our weakest link , which can be our most sensitive employee .
If their cyber fatigue induces them to have lapses in cyber hygiene , that employee will end up being the part of your attack surface that gives threat actors a foothold , or a pivot point from which to engage in lateral movement .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 33