In our last article, we spoke about Maslow’s pyramid of needs and how Security Operation Centres can and should cater to even the most basic needs.

Maslow built his pyramid as he was searching for the meaning of life. He had seen two conflicting sides argue over the meaning of life; one was the materialistic side arguing all that was needed was the basic needs, and the other side called for a more spiritual requirement.

This pyramid is so loved because it does a fantastic job of pulling together both sides and showing that each side is right and needed for the other one.

Going up the pyramid, we reach the safety needs for your Security Operation Centre staff.

Psychological Security

Security and safety can come from your organization’s culture. Staff have that crucial role of monitoring your network for attacks and generally are in the position of delivering bad news.

Bad news can be writing executive comms to announce a failure in our defences or physically calling out engineers in the middle of the night to deal with an alert.

Your company’s culture can seriously impact your staff’s “safety needs”.

I’ve witnessed first-hand engineers who are woken up at 3 AM and then lose it at an analyst for doing so. “Shooting the messenger” is unacceptable behaviour, especially if the analyst follows a formal process.

When your team are attacked for doing their role, they will lose confidence in themselves and in your operations processes, which can lead them to avoid calling out staff when it’s deemed an emergency.

You need to provide psychological safety nets to your staff in the form of processes, and if you see or hear of your team being verbally abused for their roles, you have to act fast, ensuring that your analysts are protected from harm.

Physical Safety

Furthermore, having frequent one to one with your staff can build trust and encourage them to raise issues with you around what is happening in that operations room at 3 AM.

Junior security analysts can be immature as they have yet to experience being in a work environment. And will not always have full awareness of their actions.

The fact is that at 3 AM, no matter whom you have hired, you can not always guarantee that staff are going to behave professionally. And suppose staff feel threatened because of another team member’s inappropriate behaviour or think another team member is jeopardizing the operation. In that case, they have to bring this to your attention.

And if and when they do, you must act on it, or you’ll end up losing that staff member because you have not met their basic needs for security and safety. More you could end up losing your job when it comes out that your team has been abusing company resources on your watch.

Job Safety

Having standardized processes throughout your SOC can address any staff’s fears about doing their job. For example, left at 3 AM, the last thing you want is to introduce extra stress into their lives with undocumented alerts, where the junior isolated staff member has to decide which wire to cut to defuse the potential bomb.

Make sure everyone is aware of what tasks are needed to be done and make sure staff are well trained to do this; this can save the team from worrying about their performance and make them safe and secure in their role.

Job security is a basic need, as is financial security. Your operations centre can help provide these to your staff by being clear around your remit, purpose, and the benefit you provide the organization.

Until next time!

LR