Ransomware takes mental toll on cybersecurity pros

Going up against and being thwarted by faceless cyber-criminal gangs, unsurprisingly, carries psychological implications.
14 October 2020
  • We tend to think about the devastating impact of ransomware in terms of financial cost 
  • But a successful attack can also take a mental toll, with organizations reporting a loss of confidence in their ability to defend themselves

Ransomware can be devastating to businesses, and the financial impact can be long-lasting.

What’s less considered, however, is the psychological impact that these attacks can have on the teams that — at least on paper — were responsible for them and must firefight them in the aftermath.

It’s no secret that cybersecurity can be a less-than-rewarding gig. Professionals are few and far between, often carry a huge weight of responsibility in protecting an organization, and can face challenges in acquiring budgets or simply being heard among leadership — despite cyberattacks representing, arguably, the biggest threat to businesses today.

A new report called Cybersecurity: The Human Challenge by cybersecurity firm Sophos reveals that organizations are never the same after being hit by ransomware. Besides lost business, downtime, and reputational impact, the report highlights that the confidence of IT managers and their approach to tackling cyberattacks differ significantly depending on whether or not their organization has been attacked.

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec. Pic: Reuters

The report is an indication that — as the sophistication, frequency, and damage of cyberattacks continues to worsen — going up against and being thwarted by faceless cyber-criminal gangs could carry psychological implications, adding to the burdensome task cybersecurity leaders now face.

For instance, IT managers at organizations hit by ransomware are nearly three times as likely to feel “significantly behind” when it comes to understanding cyber threats, compared to their peers in organizations that were unaffected (17% versus 6%).

All this could be chipping away at the satisfaction cybersecurity specialists achieve from their careers. The findings go some way to explaining why more than one-third (35%) of ransomware victims said that recruiting and retaining skilled IT security professionals was their single biggest cybersecurity challenge, compared with just 19% of those who hadn’t been hit.

Among organizations that have been hit by ransomware, priorities can shift as well, tilting away from threat prevention toward response — diverting resources to dealing with incidents rather than stopping them in the first place.

This shift could indicate that ransomware victims have more incidents to deal with overall, said Chester Wisniewski, a principal research scientist at Sophos: “However, it could equally indicate that they are more alert to the complex, multi-stage nature of advanced attacks and therefore put greater resource into detecting and responding to the tell-tale signs that an attack is imminent.”

The report is another reminder of the “near-impossible demands” imposed upon a small handful of specialists against a multi-faceted threat of Goliath proportions.

If there is a silver lining to a successful ransomware attack, it’s that the experience appears to give business leaders a greater appreciation of the importance of skilled cybersecurity professionals, Wisniewski said, and “a sense of urgency about introducing human-led threat hunting to better understand and identify the latest attacker behavior.”

“Whatever the reasons, it is clear that when it comes to security, an organization is never the same again after being hit by ransomware.”