Over 50% of those working in the IT security industry are currently experiencing burnout amidst rising threat levels.
This is according to the Chartered Institute of Information Security (CIISec)’s The Security Profession 2019/2020 report, which surveyed 445 IT security professionals.
The report revealed that 54% had either left a job due to overwork or burnout, or have worked with someone who has in the past. Furthermore, the top reasons for leaving a job were a lack of opportunity or progression; unpleasant or bad management and poor remuneration.
Respondents also noted that if teams are stretched or smaller during busy times or holiday periods, this may increase the chance their organisation will be impacted by a cyberattack.
“Sadly, security teams are only likely to come under more pressure in 2020, as the Covid-19 outbreak and its aftermath have profound effects on businesses’ budgets and ability to operate,” said Amanda Finch, CEO of CIISec.
“Unless the industry can learn how to do more with less while also addressing issues of diversity and burnout, risks will rise and organisations will suffer. To avoid this, we need the right people with the right skills, giving them the help they need to reach their full potential. This doesn’t only apply to technical skills, but to the people skills that will be essential to giving organisations a security-focused culture that can cope with the growing pressure ahead.”
IT security burnout rises amid digital transformation
This comes as many organisations have had to accelerate their digital transformation due to a shift to remote working as a result of the pandemic, while cybercriminals are simultaneously using the pandemic as a hook for their phishing, hacking and fraud attempts.
According research comissioned by WatchGuard Technologies, 86% of cybersecurity professionals expect the number of cyberattacks to rise in the next 12 months. This comes at a time when cybersecurity budgets may be stretched due to financial uncertainty.
The CIISec report found that 82% of respondents said security budgets were not keeping pace with rising threat levels, with just 7% saying that budgets were rising ahead of threat levels.
“It is alarming to see so many CISOs feeling undervalued, as they will always have an important role to play but the pandemic has highlighted their importance more than ever,” said Dr Kiri Addison, head of data science for Threat Intelligence and Overwatch at Mimecast.
“CISOs need to consider themselves guardians of the company’s brand image, especially at a time when brand spoofing is so prominent. In fact, our recent State of Email Security Report found that 91% of UK respondents said they would be concerned if their organisation were to experience brand exploitation or a domain spoofing attack, while 48% of UK respondents have identified web (or email) spoofing attacks using their organisation’s domains or lookalike domains in the last year.
“CISOs must continue advocating the importance of cybersecurity to the organisation and demonstrate its value to the board. It’s also important that CISOs look to declutter their security environment and make sure they are getting the most out of solutions that they have invested in and that might require doing a full audit.”