Solving burnout in cyber with L&D | Issue #5

Solving burnout in cyber with L&D | Issue #5

Welcome to issue #5 of ThreatReady! 

ThreatReady is your source of actionable truth based on the latest industry news. It offers a people-centric perspective that connects deeply with the challenges and triumphs of leading security teams and strategy.

If the cybersecurity landscape were a chessboard, the ThreatReady newsletter would be your strategic guide to staying three moves ahead of bad actors.


Trial the HTB Platform for free. Evolve ahead of threats

“How proactive is your security strategy?”

This seems to be the new hot question, with an emphasis on the keyword: proactivity.

The answer from many CISOs and executives to the above question isn’t exactly encouraging. 

40% believe their organizations are poorly prepared to face a potential incident, breach, or crisis (ThoughtLab). 

Why so?

We believe a key contributor to preparedness is the time it takes a cyber workforce to understand the threats they face, and then go deal with them. This requires:

  • Visibility. Insight on relevant threats that are emerging.
  • Prioritization. Knowledge of which threats to prioritize based on your unique attack surface.
  • Remediation. The skills and ability to identify and mitigate high-priority security risks. 

HTB enables cyber teams to prepare for emerging risks and vulnerabilities that malicious actors exploit to compromise systems, data, or networks while developing tactical response strategies to address them.

Book a demo of the Enterprise Platform

Start your free trial of HTB


Battling SOC burnout in cyber: Is L&D the answer? 

Skills development opportunities play a major role in mitigating burnout. 

At least, that’s what the data from over 800 security professionals surveyed in our 2023 annual Cyber Attack Readiness report tells us. 

We found that 62% of managers rated “opportunities to learn new skills” as the best way to prevent burnout among security staff.

What’s surprising is that compensation wasn’t highly rated as a factor for engagement, with only 26.5% of security team members saying that an increase in salary would keep them engaged at work. 

Read our report summary on beating SOC burnout to learn more. 


Proactive AI risk management 

A comprehensive and well-defined AI risk mitigation policy defines the “rules of the road” for AI usage within an organization. 

A proactive approach enables organizations to better handle their AI risk exposure and simplifies enforcement and compliance as AI becomes ubiquitous. 

But where should you start?

Our latest guide on the topic shares the common AI risks to look out for and how to develop an AI risk mitigation strategy that aligns with your tech infrastructure. 

Develop your AI risk management policy

Speaking on the world of AI risks and threats, there’s been some interesting news in the world of AI during May: 

  • Wiz researchers shared a critical vulnerability with an AI–as-a-service provider that could allow malicious AI models to be developed and lead to the exposure of proprietary data.

  • Microsoft has deployed an offline generative AI model designed to analyze top-secret information for US intelligence agencies. The GPT-4-based model is part of an ongoing effort by intelligence agencies to use AI for data handling
  • Mastercard unveils plans for integrating AI to bolster fraud detection capabilities. The new fraud-prediction technology is expected to reveal patterns in stolen cards faster, allowing financial institutions to take action before criminals can use the data.


Win your “board's blessing” with this reporting template

As a security leader, your job is to help the board understand three things: 

  1. What are the risks to the business?
  2. How well is the organization managing those risks?
  3. Are those risks costing money or disrupting operations?

Unfortunately, linking cybersecurity risk and overall business risk isn’t always easy when speaking to non-technical stakeholders.

You can bridge this gap—gaining the support and investment you need—with effective reporting that aligns cybersecurity metrics with business risk and continuity strategy.

Get our free template for reporting cyber risks


Join our exclusive SME club

Hack The Box (HTB) Subject Matter Experts (SMEs) are our go-to team for specialist insights on editorial content.

Being part of the HTB SME club means you'll be on an exclusive list to provide specialist insights and quotes. 

Whenever we create content that involves your specialty in cybersecurity, we'll reach out to you as a potential source, and if you respond, we'll share your unique experiences with the world.

Apply to become an HTB SME


Wins of the month (let’s celebrate fellow security leaders) 👏

Matthieu Billaux, CTO of Offensive Security Counsel and R&D activities, Hackcyom: Recently obtained the PASSI qualification for his company. PASSI is the French equivalent of CREST, you need to have it to offer services to sensitive companies in France.


👉 Share your win with the community

Your expertise and insights are invaluable. And we’re eager to share them with our vast audience of over 2.8 million members.

We’d be honored to feature your top "win" of the month related to your team, department, or security program in the next edition of ThreatReady.

A “win” could be:

  • Achieving compliance or industry standards.
  • Successfully onboarding new team members.
  • Celebrating your team’s performance.

The top wins will be shared in the next month’s edition of ThreatReady (and if it’s really good, may get some additional love on social media). Want to share your win?

Drop a comment below telling us what it is👇

Jan B.

Beta-tester at Parrot Security* Polymath*

6mo

Great advice! Thank you HTB 😊😊😊😊😊

Great advice!

To view or add a comment, sign in

More articles by Hack The Box

Insights from the community

Others also viewed

Explore topics