editor ’ s question

Recent estimates put the shortage of cybersecurity professionals at 3.5 million . The survey , conducted by Wakefield Research on behalf of Devo , demonstrates that in addition to the mental and physical toll stress takes on these under-resourced teams , their struggles also directly affect their organisation ’ s security posture . Burnout isn ’ t just a people problem ; it is a business problem that negatively impacts a company ’ s ability to safeguard its data , reputation and bottom line .

Cybersecurity burnout is compounding cyber-risk

Respondents to the survey reported several concerning trends that , if left unaddressed by CISOs and company leadership , could result in costly turnover , financial damages from regulatory fines and lost consumer trust . More specifically , the survey found that :

• 83 % of IT security professionals admit they or someone in their department has made errors due to burnout that have led to a security breach .

• 85 % say they anticipate they will leave their role due to burnout ; 24 % say they ’ ll leave cybersecurity entirely .

• 77 % say stress levels at work directly affect their ability to keep customer data safe .

“ These findings are a harsh wake-up call for enterprise leaders but also provide an opportunity for change ,” said Marc van Zadelhoff , CEO , Devo . “ Caring for security teams isn ’ t just a ‘ nice thing ’ to do , it ’ s the right thing for both the individuals working the frontlines and the broader business .”

Security professionals feel unsupported by leadership

The survey also uncovered a deep disconnect between security leadership and their teams . Even though over half of the respondents reported that alert fatigue has caused increased anxiety or feelings of depression , they don ’ t think stress and burnout issues are taken seriously . More specifically :

• 76 % agree their IT leadership would not last one full day dealing with the number of alerts they manage .

• 45 % of IT professionals felt their leadership hasn ’ t responded proactively to employee burnout and wished their leaders would offer additional training , mentorship and development .

• 82 % say they ’ ve been told stress and burnout is just a normal part of their job .

“ Burnout is a persistent issue in the cybersecurity world , and unfortunately , too many security practitioners are told that ’ s just how it is . While CISOs deal with their own stressors , it ’ s imperative for leaders to always listen to and understand the needs of their teams ,” said Kayla Williams , CISO , Devo . “ Organisations that proactively provide staff with training , solutions and mental health resources have healthier and happier security teams and are more secure because of it .” www . intelligentciso . com

27