The National Security Agency published a news feature today that provides a new, NSA-developed resource for organizations looking to promote the well-being of their cybersecurity personnel.
Dr. Celeste Lyn-Paul, senior researcher and technical advisor at NSA Research, and Dr. Josiah Dykstra, deputy technical director of NSA Cybersecurity Operations, developed the Cyber Operations Stress Survey (COSS) to help gauge stress levels of security personnel in high-risk environments.
“As cybersecurity operations have matured over the past decade, managing growth of the volume of security alerts has increased demands on cybersecurity operators,” NSA wrote. “Stress in this environment therefore is an important risk factor, both for performance and employee burnout.”
NSA is billing COSS as a “low-cost method for studying fatigue, frustration, and cognitive workload in real-time tactical cyber operations,” where “the talent that does this work has extensive, expensive training and employee turnover is costly.”
The survey charts factors such as: fatigue; frustration; mental, physical, and time-related demands; effort; and team synergy. Cybersecurity operators self-report on these factors before and after performing their duties, providing a glimpse into the overall strain on staff.
“Tactical cyber operations require speed and precision,” said Dykstra. “And stress may negatively affect operational security, work performance, and employee satisfaction.”
NSA recommends using COSS “as a baseline for your organization’s current environment” and “measuring the benefits of increased machine automation and human augmentation.” It also encourages transparency in the findings, and engaging employees for best solutions on mitigating stress.
“Cybersecurity operators defend vital networks from all-day, every-day barrages of intrusion and attack attempts,” NSA said. “The stakes are high–compromises of those networks can affect the lives and livelihoods of thousands, even millions of people.”
