Fatigue, a concept familiar to many in the technology industry, can be defined as unrelenting exhaustion or stress that negatively affects an individual’s emotional and psychological health. Fatigue reduces productivity and may lead to a higher employee turnover rate as people quit due to unsatisfactory jobs or work environments.
For Security, Abuse, Operations, Postmaster, and Support managers and analysts, fatigue can also take many forms and come from different sources. An abuse report sent to “firstname.lastname@example.org” kicks off an internal process starting with the classification of offending content types ranging from spam, proliferating malware and hosted phishing sites to copyright violations, just to name a few. Without the right tools, technologies and management techniques, abuse management teams can experience various types of fatigue including event, information, case-management, mundane, collaboration and tool fatigue.
According to the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), “Abuse work is generally a thankless task, and feeling as though upper management is being supportive and recognizes the importance of their contribution is a great boost.” Addressing and mitigating abuse management team's fatigue and enabling them with latest orchestration and automation tools is critical to your organization's response and employee success.
Today, the sheer volume of daily events generated by bad internet actors can reach into the millions and make it almost impossible for an abuse management team to go through and address all incoming complaints. As a result, small teams with ineffective software and no automation technology drop anywhere from 10 to as much as 50 percent of inbound abuse reports due to the difficulty of the workload. Abuse management teams must ensure that sensitive incidents are managed effectively, with the least amount of impact on business operations, users or the company’s brand. Teams must also manage the incident response process from identification to escalation, communications, resolution, and follow up. Without the right business processes and tools, event management can lead to fatigue.
Information overload interferes with an analyst’s ability to learn and engage in creative problem-solving. Like with event fatigue, it’s not possible at times to connect and analyze the high volume of incoming data points to eliminate threats in a timely manner. Events also create the need to track and analyze additional meta-data points generated including trends by abuse type, malware, vulnerability and subscriber. At some point, a comprehensive data analysis strategy must be put in place to prevent abuse management burnout and fatigue from information overload.
Case management involves managing events and incidents while ensuring they are triaged, tracked, investigated, resolved and communicated accurately using incident and case management software platforms or systems. Abuse management teams also conduct trend and gap analysis on incidents to address challenges before they occur and develop case management best practices. Managing too many cases in addition to daily routines can lead to abuse management fatigue.
Besides the repetition and sheer volume of abuse events, the daily viewing, analyzing and tracking of offensive material or inappropriate content can also lead to abuse management analysts feeling desensitized or alienated by the repetitive “mundane” or negative communications that must be managed. Automation and machine learning can help identify and filter out this type of content to prevent fatigue.
Working cross-functionally with a variety of internal teams including collaborating with policy and legal partners to improve operational workflows through process improvements is an important task for abuse management teams. The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) has found that keeping abuse teams up to date with information and pending changes, maintaining clear communication, giving importance to ideas and opinions, as well providing them honest feedback and generous praise can help alleviate fatigue and keep abuse management teams happy. Without this cross-functional collaboration, abuse management operations and efficiency could be greatly impacted leading to fatigue.
Many companies set up their own abuse management with a mix of homegrown scripts or tools and manual processes for abuse report handling. Some abuse handling platforms and tools are simply ineffective at automatically identifying and mitigating vulnerabilities and compromises in real time, allowing small vulnerabilities to escalate into bigger and much less manageable threats with potential disruptive network issues. The need to constantly add new rules to ineffective tools and update homegrown scripts to keep up with the security needs eventually leads to fatigue.
The Advantages of Automation
The only way to address ineffective abuse management tools and manual abuse handling is through automating security and abuse workflows with a low-cost, easy-to-maintain tool to increase subscriber alert speed, raise productivity and dramatically improve network security all while lowering support costs. Automating processes using workflows can resolve up to 99% of network abuse incidents without human intervention, lowering abuse management fatigue. Using automation, machines do the mundane processing of information and sending routine email notifications while people focus on more important decision-making for things like escalating issues, troubleshooting and case management. Using orchestration and automation tools, abuse and security teams can speed up response times, make business operations simpler and improve customer service and loyalty while eliminating the downsides of homegrown solutions and ineffective tools and software solutions.