Key Takeaways
- According to a BlackFog survey, nearly 25% of cybersecurity leaders said they would like to quit their positions because of their high stress levels.
- The demanding nature of their jobs is highlighted by the fact that 98% of respondents said they worked above their allotted hours.
- Many participants acknowledged that they use alcohol or drugs to deal with the stress they face at work.
According to a recent survey, 24% of cybersecurity executives are thinking about quitting their positions due to the excessive stress caused by malware threats and AI-driven attacks.
With businesses firing workers on a regular basis, the labor market is going through a difficult period. According to a Sapio Research online poll of IT security decision-makers conducted on behalf of BlackFog, 24% of cybersecurity leaders are thinking about quitting their positions.
Companies with more than 500 employees in the US and the UK participated in the poll, which was carried out in July and August 2024. Overwhelming stress in their line of work was the main reason given by 93% of the roughly 25% of CISOs who were thinking about quitting.
Attacks using ransomware, malware, and artificial intelligence are the most stressful
Leaders in cybersecurity have always had a difficult job. They deal with supply chain attacks, phishing, and malware on a regular basis. The fact that they risk personal prosecution in nations like the US if they are unable to adequately mitigate a cybercrime incident makes managing these dangers much more onerous.
According to the BlackFog survey, this additional strain has an impact on their performance. According to the data, 37% of professionals said that handling malware and ransomware is the most stressful part of their work. Furthermore, 42% of cybersecurity executives are worried about assaults powered by AI, in which criminals employ AI to introduce intricate and challenging-to-counter risks.
An CISO’s entire workload is influenced by more than just coping with threats. Implementing solutions that preserve usability and productivity is another of their responsibilities. Leaders in cybersecurity frequently put in extra hours to meet these needs.
98% of cybersecurity leaders said they worked past their contracted hours, according to the survey. These professionals put in about nine extra hours a week on average. Additionally, 15% of respondents work 16 extra hours per week on top of their contracted hours, according to the survey.
Leaders in Cybersecurity Are Using Drugs to Reduce Stress
In their spare time, many cybersecurity professionals use sports and hobbies as a way to reduce stress and enhance work-life balance. Nonetheless, according to the survey, 45% of participants have turned to drugs or alcohol as a coping mechanism for the stress and lengthy workdays. They have also spent less time with their families and distanced themselves from social events.
Burnout is caused by a mix of long work hours, juggling security and usability, and separating from loved ones. Consequently, the study found that about 54% of cybersecurity executives would quit the field if given the chance. The companies they work for are at serious risk because of this.
Organizations may incur significant costs if their best personnel leave a field where it’s hard to hire qualified cybersecurity leaders. It would lower team morale and expose the company to fresh and developing challenges.
How to Handle Burnouts
According to the respondents, they constantly turn to their employers for cooperation and support on significant projects. According to BlackFog research, around 63% of participants reported that their relationship with the board had improved throughout the previous 12 months. Of those, 73% said that board members helped them deal with stress in a useful way.
In order for the company to be up to date with emerging cybersecurity risks and have the resources necessary to counter them, respondents also turn to senior leadership to boost security budgets. Organizations should refrain from holding their cybersecurity leaders personally liable since doing so may cause them to lose important employees. When board members and cybersecurity leaders have a history of disagreement, the risk increases even further.
Cybersecurity executives should also be given the opportunity to work remotely or in a hybrid role, as well as flexible work hours, considering the high degree of stress associated with their profession.
