A ‘war room’ style reaction to security incidents is burning out IT staff
Blame culture and tiring post-incident meetings are damaging workplace environments and burning out staff, research shows
Disconnected IT teams, blame culture, and a ‘war room' style approach to incident management are hampering enterprise security operations, according to new research.
A study conducted by Dynatrace found 91% of organizations are still playing the blame game with IT service providers in the wake of serious incidents, which is creating a fractured relationship between firms and providers that damages both long-term relationships and the ability to react to emerging threats.
This blame game leads to an increasing reliance on war-room-style meetings to deal with cyber incidents, according to Dynatrace, which in turn extends the duration of the incident and creates tense workplace environments.
Dynatrace revealed 49% of IT teams have been left feeling burnt out by these war rooms, with 46% admitting their job caused them to miss personal time during evenings and weekends.
Moreover, 21% of professionals in IT teams have considered switching job roles or even a total career change due to the increased stress associated with their position.
Rob Van Lubek, VP for EMEA at Dynatrace, said he believes war-room-style incident management is particularly damaging for enterprises as not only does it frequently fail to remediate the issue, but also hurts office culture, impacts employee retention, and exacerbates skills shortages.
“War rooms are an extremely negative approach to resolving problems, and against the backdrop of continued skills shortages, can significantly deepen resourcing challenges for many organizations,” he said.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Van Lubek described the increasingly cumbersome expectations placed on IT staff as unsustainable, warning enterprises cannot continue operating under previous workplace norms.
“What looked like ‘business as usual’ five years ago is no longer acceptable for many IT professionals, who reassessed their work-life balance during the shift to hybrid working”, he explained.
The high-stress environment of war rooms and the looming threat of emergency conference calls at any hour of the day can lead to a disenfranchised and disengaged workforce that is constantly on the lookout for their next employer.”
Psychological safety is key
Dynatrace’s findings also showed a reliance on siloed monitoring tools and manual processes across a number of businesses amplifies the challenges created by war-room-style incident response.
Only 29% of respondents said their organization uses a single platform and the same data to monitor and manage their digital services.
The result is that each professional has a different reference point when approaching a particular problem, and thus ends up working from separate truth values. Long-term, this further fuels an adversarial office culture defined by blaming other teams.
Dynatrace claimed this causes teams to be more reluctant to take ownership of problems, resulting in longer incident response times, or issues going unaddressed entirely.
Fostering a culture where team members feel comfortable expressing their opinions, taking calculated risks, and raising concerns or mistakes, should be a priority for businesses looking to retain staff as well as improve productivity.
This concept of trust and stability in the workplace is often referred to as psychological safety, and should be top of mind for organizations, according to experts.
Van Lubek added that if they are to retain skilled IT staff, businesses need to redefine how their teams work together within the organization as well as how they collaborate with external parties.
Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.