Monday, September 5, 2022

How To Show Your Cyber Employees That You Value Them: 3 - Point Checklist

 


Well, Happy Labor Day everybody!!  Hopefully your taking the day off, and enjoying the time with family and friends.  As we are getting close to the last quarter of the year, there is one topic I don’t think I have covered:  And that is the Secure Operations Center, or SOC. 

As I mentioned in yesterday’s blog, this is where an MSP or even an MSSP has individuals from their IT Security team closely watch the IT and Network infrastructures of their clients.  Yea, in some ways it’s like going into the flight deck of a Boeing 787, with all of the modern computers and screens that are present.

But that is just the image which is portrayed.  I have a few friends that are MSPs also, and they even have their own SOC, but maybe not so modern.  Also as mentioned, one even has it a in a shared office space.  But wherever it is located, one thing is for sure:  It is a secure environment, and the people that are hired to watch those screens have their full client’s trust in their hands.

In a way, it’s like air traffic control, btu rather than guide airplanes, in and out of the runways, you are watching the flow of data packets, and keeping track of any abnormal activity that could be present.  But since really nobody talks about the people that work in the SOC, nobody really understands the pressure that they are under. 

All we keep hearing about is the burnout rate from other members of the IT Security team and the CISOs.

But in fact, the burnout rate starts from the SOC itself.  According to a recent study conducted last year, more than 1,000+ SOC workers complained about burnout, high levels of stress, alert fatigue, and just the sheer amount of the information and data that needs to be processed. 

Yes, there are automation tools that can help a lot with this, but in the end, it still takes a human eye and judgment to make the final call.  More information about this study can be seen at this link:

https://www.devo.com/resources/2021-devo-soc-performance-report/

So what can be done to help improve the employee morale at your SOC?  Here are some tips you can deploy:

1)     People always want to know how they are doing:

Whether it is in a job situation or you are an entrepreneur (like me), you always want feedback.  You always want to know if you are meeting or surpassing expectations, and what you can do better.  As a leader or a manager, always be proactive about this. Also equally important is to spontaneous about the feedback you are giving.  Whenever a manager scheduled a specific meeting time, I dreaded that, because it just instilled mor fear into me.  Don’t do things that way.  If have a few minutes, pull your employee aside for a minute and tell them how things are going.  Tell them what they are doing well at, but equally if not more important, tell them the areas in which they need some improvement in.  But consider this as constructive criticism.  Don’t take a printed rating scale and evaluate that way.  Keep it informal, relaxed and friendly.  Also from time to time, take your employees out to coffee or even lunch to keep the evaluation environments changed up.

2)     Consider job rotation:

This is probably even more important now than ever before, especially in Cybersecurity.  For example, once some of the employees on your SOC team have worked consistently for about a month, pull one or two out for abut a week, and have them work in other areas within the other areas of the IT Security team.  This serves some key advantages.  First, your SOC employees will get away from being isolated in a locked room, and they will learn how to cultivate relationships with other members.  Second, they will get a much better insight into the various processes that go into keeping tabs on the Cyber threat landscape.  Third, if somebody from your SOC team calls in sick one day, you can bring in one of your other employees that have been cross trained in SOC operations to fill the gap for as long as needed.  So, here is an idea:  Why not first start this job rotation model with your Threat Hunter and/or Modeler?  After all, they are hired to predict what the future looks like, so why not give them an idea of what the present looks like?  That might even fine tune their thinking processes also.

3)     Work outside of the company:

Whenever the time permit, have your SOC team work outside of the business. For example, perhaps arrange it so that they can lead a Cyber boot camp for kids and teens to spur further interest in Cyber.  Or perhaps encourage them, if they have time, to teach Cyber at a local junior college.  Also, have them work inside other departments of the company as well.  This will give them the chance to see what other employees are doing, and especially what their Cyber concerns are as well.  This not only further shows to the SOC team the importance of their work, but it also fosters teamwork across the entire organization.  But most importantly, it will help to get rid of that siloed work environment!!!

My Thoughts On This:

Well, there you have it, 3 quick tips that you can almost deploy starting even tomorrow.  But just a few key points to remember.  First, always treat your SOC employees with the utmost respect.  At the end of the day, they are human beings also, just like you and I, and they are no different. 

If you have an issue with employee, just don’t yell at them in front of everybody else, as it will accomplish nothing.  Instead, have a private conversation with them, and tell them what is going on, using a constructive criticism approach.

From time to time, keep reminding your employees how important they are, without blowing up their egos out of proportion.  In this regard, taking them out to dinner or lunch every once in a while, or even a simple gift card will suffice.  Or for that matter, even a simple pat on the back will go a long way.

Finally as an SOC manager, don’t think it is your way or the highway.  You too are also an employee in the company, and you have others you need to report to.  So in this regard, have an open-door policy.  Let your employees tell you how you are doing, and how the whole environment is.  Try to take their feedback, and implement it.

This simply shows that you value their input also, and will only result in a much stronger, more unified SOC team.

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...