Automation key to reducing cybersecurity burnout & risks
As Cybersecurity Awareness Month approaches in October, key figures in the cybersecurity industry have weighed in on the crucial issues and solutions organisations must consider. Executives from Tanium, Diligent, and AvePoint provided insights on the benefits of automation in reducing burnout, elevating cyber risk governance, and automating data management for robust protection.
James Greenwood, Regional Vice President, Technical Account Management at Tanium, discussed the increasing issue of burnout among IT teams. "As we discuss Cybersecurity Awareness Month, a lot of IT teams are inevitably feeling stretched. A combination of skills shortages and shrinking budgets means burnout is rife across the industry. In cybersecurity, this can quickly lead to human errors that open up an organisation to increased risk," Greenwood stated. He emphasised the value of automation in alleviating this problem. "Automation will change the IT workforce for the better by leading to reduced human error, lowering burnout rates, and improving work-life balance. For example, most patching today needs to happen outside of regular working hours due to systems having to be shut down for hours at a time. With automated patching, this would no longer be the case, leading to happier, more productive teams that are less likely to make mistakes that could cost their company millions."
Greenwood urged organisations to consider leveraging automation tools during Cybersecurity Awareness Month. "This Cybersecurity Awareness month, organisations should be thinking about how they can leverage automation tools to support critical tasks, from endpoint monitoring to compliance auditing and patching. This won't just save resources and reduce burnout but will reduce the overall risk involved in manual cybersecurity processes," he explained.
Simon Berglund, Senior Vice President and General Manager for APAC at Diligent, highlighted the need for elevating cyber risk governance as a core boardroom imperative. "Cybersecurity Awareness Month is an opportune time to reiterate the critical and accelerating need for proactive governance to address cyber risks. As cyber attacks become more sophisticated, boards and executive teams must prioritise cybersecurity not just as an IT issue, but as a core element of their governance strategy," Berglund said.
He stressed the importance of proactive measures, referencing recent legislation. "As highlighted by recent legislations, the accountability for cyber failures rests not only on companies but also on individual executives. It's crucial that organisations implement proactive governance programs, conduct regular risk assessments, and ensure that CISOs are equipped with both the authority and liability protection needed to address these risks effectively," Berglund noted.
Berglund also mentioned the tools available at Diligent to assist leaders in staying ahead of cyber risks. "At Diligent, we equip leaders with the tools to stay ahead of cyber risks by offering real-time insights and secure collaboration across governance, risk, and compliance. In today's fast-changing environment, boards must ask the right questions, engage with cybersecurity experts, and foster a risk-conscious organisational mindset," he commented.
Alyssa Blackburn, Program Manager - Information Management at AvePoint, discussed automating data management as a means to better protect organisations. "High-profile data breaches today are often the result of poorly managed systems and a lack of proper information lifecycle management. While external cyber threats have grown more sophisticated, many breaches stem from outdated or inefficient internal processes," Blackburn stated.
She highlighted the critical nature of proper information management. "When critical information isn't properly classified, retained, or disposed of, organisations are left exposed, increasing the risk of breaches. Stale, ungoverned data becomes a ticking time bomb, ready to be exploited by malicious actors," Blackburn explained.
Blackburn advised organisations to focus on simplifying security through automation. "Rather than relying solely on employee training or adding extra security tasks, businesses should focus on strengthening their systems and automating data and simplifying the management of records and information, ensuring compliance and lifecycle governance across cloud-based systems," she said. "By simplifying security and building resilient, well-managed systems, organisations can better protect themselves from breaches while fostering a culture of cybersecurity awareness and responsibility."