editor ’ s question
HOW CAN CYBERSECURITY PROFESSIONALS GRAPPLE WITH ALERT FATIGUE AND HOW DOES
THIS IMPACT OPERATIONS ?
? evo Technology , the
D cloud-native security analytics company , has unveiled the results of a new study examining the ramifications of cybersecurity burnout , finding the vast majority of IT security professionals admit stress has led them and peers to make errors that have caused data breaches .
Recent estimates put the shortage of cybersecurity professionals at 3.5 million . The survey , conducted by Wakefield Research on behalf of Devo , demonstrates that in addition to the mental and physical toll stress takes on these under-resourced teams , their struggles also directly affect their organisation ’ s security posture . Burnout isn ’ t just a people problem ; it is a business problem that negatively impacts a company ’ s ability to safeguard its data , reputation and bottom line .
Cybersecurity burnout is compounding cyber-risk
Respondents to the survey reported several concerning trends that , if left unaddressed by CISOs and company leadership , could result in costly turnover , financial damages from regulatory fines and lost consumer trust . More specifically , the survey found that :
• 83 % of IT security professionals admit they or someone in their department has made errors due to burnout that have led to a security breach .
• 85 % say they anticipate they will leave their role due to burnout ; 24 % say they ’ ll leave cybersecurity entirely .
• 77 % say stress levels at work directly affect their ability to keep customer data safe .
“ These findings are a harsh wake-up call for enterprise leaders but also provide an opportunity for change ,” said Marc van Zadelhoff , CEO , Devo . “ Caring for security teams isn ’ t just a ‘ nice thing ’ to do , it ’ s the right thing for both the individuals working the frontlines and the broader business .”
Security professionals feel unsupported by leadership
The survey also uncovered a deep disconnect between security leadership and their teams . Even though over half of the respondents reported that alert fatigue has caused increased anxiety or feelings of depression , they don ’ t think stress and burnout issues are taken seriously . More specifically :
• 76 % agree their IT leadership would not last one full day dealing with the number of alerts they manage .
• 45 % of IT professionals felt their leadership hasn ’ t responded proactively to employee burnout and wished their leaders would offer additional training , mentorship and development .
• 82 % say they ’ ve been told stress and burnout is just a normal part of their job .
“ Burnout is a persistent issue in the cybersecurity world , and unfortunately , too many security practitioners are told that ’ s just how it is . While CISOs deal with their own stressors , it ’ s imperative for leaders to always listen to and understand the needs of their teams ,” said Kayla Williams , CISO , Devo . “ Organisations that proactively provide staff with training , solutions and mental health resources have healthier and happier security teams and are more secure because of it .” www . intelligentciso . com
27