Managing Threats When Most of the Security Team Is Out of the Office
December 20, 2024 – Published on Dark Reading
Experienced security leaders know that attackers are patient.
Attackers can infiltrate corporate chat systems like Slack or Microsoft Teams and just…watch. For months, they monitor conversations, learn who the experienced staff are, and take notes on upcoming vacation plans and each team member’s communication style. Then when the company shifts to a skeleton crew—perhaps during a major holiday or summer break—they strike.
Whether it is the slow week between Christmas and New Year’s Day in Western countries, the European summer break in August, or other periods during the year when large numbers of employees go on vacation, organizations with a global footprint must maintain cybersecurity continuity during regional slowdowns. Holidays like Lunar New Year in Asia and the Eid feast days in the Middle East often mean fewer workers overseeing critical operations. When part of the workforce scales down, attackers ramp up.
By identifying risks, training employees, leveraging technology, and strategically distributing workloads, companies can create a safety net that protects both systems and operations. The key is not waiting until the last minute; preparations must be in place before staff members sign off.
Organizations can mitigate holiday risks with proactive strategies, such as distributing workloads across time zones. Mark Lance, head of DFIR at GuidePoint Security, suggests using teams in regions where holidays are not being observed. “It’s about balance,” he says. “When one region steps back, another steps up.”
The human element is also critical to any security plan — even when fewer employees are on the clock. Lance says fostering collaboration and reducing isolation during skeleton crew periods is key to defense.
“Better decisions happen when you’re not alone,” Lance says.
Read More HERE.