Since Christmas is one of the most celebrated periods of the year, it’s undeniable that it comes with a lot of change for many businesses worldwide. Whether that is boosting product marketing alongside Christmas trends and discounts, shutting down an organisation for a week to recharge, or simply getting into the festive spirit with dinner and Christmas jumper days, employees make a shift in the way they approach work.
As a cyber security provider, we’ve asked our security analysts in the Security Operations Centre (SOC) to share what impact Christmas has on them – both personally and in terms of the work they deliver.
Read on to find out what they said – including our LinkedIn poll results at the end!
The answers for this question were a mixed bag. Christmas seems to affect security teams significantly in some ways and not in others. Due to people taking leave during Christmas and New Year and companies implementing change freezes so nothing major breaks whilst they run on limited staff, alert volumes slow down for many shift analysts.
However, if something detrimental were to occur, those working to remediate the incident would be under more pressure to deliver due to the firm running on skeleton staff. This means that, whilst typically the workload over Christmas seems to be the same/less than usual according to our security analysts, it could skyrocket under the circumstance of a real cyber threat.
“With the current cyber attack trend relying heavily on user interaction, if there’s no people in the office, there’s no one to click the links 😃”
– Kyle Huddart, Principal Security Analyst at Talion
The consensus seems to be that most cyber attacks target organisations in the run up to Christmas and after New Year’s – because attackers have holidays too!
Phishing seems to be a key social engineering tactic used around the holiday season, particularly as people are financially challenged so are likely to fall into the trap of product refunds and tax rebates in order to gain back some of the cash they spent on Christmas presents, foods and events. These techniques are usually used by cyber criminals post-Christmas.
In the lead up to Christmas, however, phishing messaging around delivery updates or fake Amazon/Apple billing invoices is common, especially with the increase in holiday activities such as buying gifts. We recommend you double check the source of your emails before clicking any potential malicious links.
To get the latest information on phishing, download our Ultimate Phishing Guide.
“There is nothing particular about Christmas vs any other major event – we see the same stuff with the likes of covid, energy bills etc. Any social engineering tactic which will engage the end user without them applying sense and logic is the game here.”
– Kyle Huddart, Principal Security Analyst at Talion
One of our security analysts did not want to answer this question on the grounds that they might jinx it! However, it seems that the period between Christmas and New Year tends to be less frantic as customers are typically on annual leave or entire offices shut for this period.
There is still the worry that if something does “hit the fan”, analysts are under more pressure than usual due to a limited security team available. Overall, though, the answers show that people are generally happier and more relaxed over the holiday season, so more work can get done.
We didn’t just ask our security analysts… but we asked our LinkedIn community too!
Here are the results of the LinkedIn poll:
What do you think is the biggest impact Christmas has on cyber security teams?
More attempted cyber attacks – 60%
Busier & more stressful period – 33%
No impact – 5%
Other (comment below) – 2%
Whilst we’ve asked our security analysts for their opinion on the impact of Christmas for this blog post, this is by no means a consensus for all. This will differ depending on company, specific roles and the individual themselves. However, we hope this gave you an insight into the seasonal changes within security teams.
Stay #CyberSafe this Christmas.
We wish you all a Merry Christmas and a Happy New Year!
Call us directly and we’ll put you in touch with the most relevant cyber expert.
Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.
Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.
