Share this article on:
Almost half of security workers feel that burnout is stopping them from doing a better job keeping their organisations safe.
A new report has shed light on the impacts of burnout and related fatigue on cyber security professionals in Australia, and the results show a workforce being held back from its potential.
Sophos’ The Future of Cybersecurity in Asia Pacific and Japan report offers a detailed snapshot of the pressures placed on cyber security workers and the impacts of burnout on an organisation’s security posture.
More than 200 Australian companies were consulted for the report, as well as organisations from around the region.
Overall, burnout in some form affects 86 per cent of Australian IT and cyber security professionals – an alarming figure.
The rate of burnout appears to be increasing, too, with 30 per cent of respondents saying that it has increased “significantly” over the past year. Forty-three per cent said that burnout was making them less diligent on the job, too, with 19 per cent admitting that burnout had led or contributed to an incident occurring on their watch.
Seventeen per cent of companies reported that burnout was affecting incident response time, as well.
The causes of burnout vary, but the number one contributor, according to the report, is a lack of resources. The day-to-day routine can be monotonous, too, which is another contributing factor, while downward pressure from the board or C-suite is another.
Constant alerts from suites of security tools are another driver of burnout, and the combination of increased rates of cyber security incidents with the drive to adopt new technologies also contributes.
With burnout so prevalent, the report found that many professionals were becoming embittered. Twenty-nine per cent reported that they were feeling more and more cynical on the job, while 20 per cent said the role contributed to significant levels of anxiety. Feelings of guilt are rare but not uncommon, and burnout is also driving a brain drain – 22 per cent of professionals have said they want to leave the industry.
Twenty-three per cent of all those surveyed said they already had resigned due to the pressure of burnout.
“At a time when organisations are struggling with cyber security skills shortages and an increasingly complex cyber attack environment, employee stability and performance are critical for providing a solid defence for the business,” said Aaron Bugal, field chief technology officer at Sophos.
“Burnout and fatigue are undermining these areas, and organisations need to step up to provide the right support to employees, especially when, according to our research, 19 per cent of Australian respondents identified that cyber security burnout or fatigue contributed to, or was directly responsible for, a cyber security breach.”
You can read the full report here.