More than half of senior security professionals impacted by burnout

59% of UK senior cyber security professionals feel burnout at work has impacted their ability to do their jobs effectively.

  • 1 year ago Posted in

As workloads continue to grow in response to ever-evolving cyber threats, UK cybersecurity professionals are increasingly struggling with burnout, according to 2023 research from CyberArk, .

The study found that burnout has impacted the ability to do their job effectively for over half (59%) of security professionals, even as the volume of cyberattacks continues to escalate and cause damage. In the past 12 months 80% of UK organisations have experienced a ransomware attack – up from 70% last year - and 47% of those affected have paid a ransom at least twice to allow recovery.

Security teams are often asked to work long hours to protect against cyber threats, despite budgets and available resources continuing to shrink due to economic pressures. It’s therefore more important than ever for them to be performing at the optimum level, but CyberArk’s research suggests burnout could be hampering those efforts. With 66% of those experiencing it serving as c-level executives – senior decision makers who are directly responsible for organisation’s cyber defence mechanisms – these findings are cause for significant concern.

“The ability to monitor for interference in an organisation’s tech infrastructure and shifts in the threat landscape is integral to every security professional’s role, given the fast-paced and impactful nature of cyberattacks,” said David Higgins, Senior Director, Field Technology Office at CyberArk. “Burnout is alarming in that context, because it impairs the ability to defend their organisation. One wrong decision or missed signal can open the door to reputational and monetary damage for an organisation.”

This rise in burnout is an even bigger concern in the context of ongoing increases turnover and talent shortage in the industry. Last year, the global shortage of cybersecurity professionals stood at 3.4 million, compared with a total cyber workforce of 4.7 million, according to research by ISC2, an association for cyber security professionals. Employees affected by burnout may choose to move on to other opportunities or take a step back from their work to help improve their wellbeing. In security, that means reduced numbers of expert personnel and heightened levels of vulnerability for their employer. According to CyberArk’s research, 61% of cyber security professionals believe that ‘regular’ employee churn/ turnover in the next 12 months will also cause security issues.

Commenting on the findings, Higgins added: “Employee burnout affecting cybersecurity teams needs to be addressed – and fast – if organisations want to keep their cyber defences watertight. Using AI and technology tools can boost proactive defences and also help alleviate ‘low level’ workloads, for example automating threat detection and response or to support identity risk analysis. Automation can mean practitioners are better able to focus on more meaningful tasks. But above all, directly addressing ongoing threats – whether from internal or external sources – requires a workforce that is mentally, physically and technically equipped to keep attacks at bay. And that should be an absolute priority.” 

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...