Wellbeing and why looking after it is critical in cybersecurity

We wrote previously about the prevalence of burnout in the cybersecurity industry and what you can do to prevent it. Still, no company should be aiming to keep their teams just below the point of exhaustion, far from it. The better your team feel, the better they will perform, which is why we believe companies should be taking proactive steps to support employee wellbeing.

How do you measure wellbeing?

Wellbeing is a term used a lot these days, but how many of us are using it correctly? According to the Oxford English Dictionary, and in simple terms, wellbeing is “the state of being comfortable, healthy, or happy”. However, there is no set way of measuring it, and happiness can mean different things to different people.

Several factors contribute to positive wellbeing too, such as:

• Social interaction – keeping good relationships and feeling a sense of belonging
• Physical health – making good choices for our diet and keeping active
• Economic – feeling a sense of financial security
• Intellectual – emotional and psychological wellbeing, whereby your mind is stimulated, you’re interested in learning new things and can cope with the challenges around you

A lot to consider! Fortunately, there is a Warwick-Edinburgh Mental Wellbeing Scale (WEMWBS) whereby you can measure positive wellbeing based on 14 positively worded terms such as “I’ve been interested in new things” and “I am feeling optimistic about the future”. By scoring each statement on a five-point scale, you end up with a total score, and the higher it is, the better your wellbeing is.  This scale also means you can check improvements or deterioration over time.

How can you improve it and support your employees?

While all the above “measures” of wellbeing can be influenced by an individual’s behaviour, for many years, it has been the responsibility of the employer to step in and provide wellbeing support too. There are many self-serving reasons for this which we’ll touch on later in this article.

In terms of improving wellbeing as an employer, there is a vast range of options, with the simplest being to outsource the entire programme to an external wellbeing provider. They’ll assess your company’s structure, employee demographic and wellbeing levels and activate a strategy to ensure every staff member has all the support they need to feel happy, healthy and fulfilled. Typically used by big enterprises, some providers work specifically with small businesses and startups.

Of course, that level of wellbeing expertise comes at a price, so many companies take on wellbeing themselves, offering gym membership and home fitness equipment within the suite of employee benefits, as well as an extra holiday or “duvet day”, counselling and coaching.

One company, RotaCloud, based in York, has placed wellbeing at the heart of its business strategy and introduced:

• Virtual cooking classes
• Two-hour lunch breaks
• £500 annual learning budget per employee
• A plant budget to furnish their homes

Another, The Point.1888 from Brentwood in Essex, offers its staff ultra-flexibility in the form of unlimited holidays and the ability to work when and where they want. The only condition: they give their best work and get the job done.

Other businesses such as MDSec and Hubspot have provided their staff with extra days off recently.

Why is it important?

We’ve talked you through how you can improve wellbeing, and now here’s our case on why you should.

1. Increased productivity. If your team has the means to look after themselves, their concentration levels and stamina will be high, and their performance will be strong. Not only that but there will be fewer sick days taken.
2. A happy company culture. A happy team will stick around and should be more inclined to work harder and support their teammates.
3. Lower staff turnover. If your employees feel happy and cared for at work, the likelihood of resignations will be lower, which will save you thousands in recruitment and onboarding costs.
4. Decrease in health costs. Neglecting one’s wellbeing can lead to significant health problems in the long term, which you as an employer may have to cover.
5. Less chance of human error. Tiredness and poor health can affect concentration levels and attention span, leading to mistakes being made. In cybersecurity, an error can and does lead to data breaches.
6. Reduced chance of burnout.

A final word for cybersecurity

All the above is essential in any industry, but we recommend that extra attention is paid in cybersecurity. Not only can the risks of poor wellbeing be high – approximately 88 percent of all data breaches are caused by an employee mistake – but an IT or cybersecurity team is also less likely to adopt company-wide wellbeing programmes than other departments. The reason for this is twofold:

1. If there have been clashes in the past with other departments concerning IT issues or security breaches, then they may not feel respected by their colleagues and therefore not wish to take part in company “events”
2. They’re under so much pressure with work that they do not feel they can take time out, even for their wellbeing.

If the latter is true, then it must be addressed. One of the most time-consuming tasks for a cybersecurity team is vulnerability prioritisation. So much so that 53% of companies feel they spend more time navigating manual processes than actually responding to vulnerabilities.  Give your team the ability to work smarter, not harder, by automating this task to spend their time more effectively on remediation and allow themselves breaks and other opportunities to invest in their wellbeing.

The results will be worth it.