Dire Impact of Burnout in Cyber Industry

0

Lacework today released the findings of new research into burnout in the cyber security industry across Australia and New Zealand. The results revealed over half (57 percent) of local cybersecurity professionals are either looking for new employers or considering exiting the industry altogether. This fuels concerns about local cyber skills shortages, with more than one-quarter of respondents (27 percent) also saying that current resourcing is failing to meet this year’s needs.

The survey, conducted amongst ANZ IT decision makers with a responsibility for cloud cyber security, also highlighted the need for greater toolchain consolidation and alert reduction to alleviate rising complexity and stress in the industry.

Increased stress levels driving industry burnout

Highlighting the burgeoning workload local security professionals face, almost all (87 percent) of those considering leaving the industry cite ‘burnout from workload’ as a reason. Rising stress levels were also reported across the sector. Over half (54 percent) of respondents said they now find cybersecurity a more challenging work environment than when they started. This is felt even more so amongst C-Suite and senior management roles, with more than two-thirds (69 percent) saying the same.

The impacts of local businesses shifting to remote work post-pandemic has also led to greater strain on cybersecurity professionals, with more than half (57 percent) saying they are personally managing a remote workforce. Of those, 58 percent report increased stress as a result, and close to three-quarters (70 percent) have an increased workload.

Cybersecurity struggling to retain talent long-term 

Highlighting dire concerns about the industry’s ability to retain talent, the survey showed that the newer a staff member is to cybersecurity, the more likely they are to leave. Those with less than one year of experience are more likely to leave (64 percent) than those with one to two years of experience (44 percent).

The Net Promoter Score (NPS) for cybersecurity was also very low at -9.4, putting the industry on par or worse off than the airline and insurance sectors. Worryingly, for those in the field for two years or less, the NPS is -32, showing that those new to the industry are having a negative experience and are even less likely to recommend cybersecurity as a career.

“New, talented individuals are leaving the cybersecurity industry too fast. To retain crucial talent in a tight market, more needs to be done to reduce the workload and stress on all those in the industry, and particularly newcomers. This is especially so given the rapid rate of change in the sector and mounting public pressure from recent high-profile security breaches,” said Richard Davies, Area Director Australia and New Zealand, Lacework.

Tool and alert overload driving complexity and risk

The research highlighted the need for drastic toolchain consolidation amongst local IT businesses. Cybersecurity staff across ANZ must learn and manage, on average, 12.9 different tools. Alarmingly, almost one-third of ANZ cyber security professionals rate those tools as poor, and three-quarters believe the accuracy of tools could be improved.

This proliferation of tools, combined with a burgeoning workload, has also meant that many alerts are going unchecked. Approximately two-thirds (64 percent) of ANZ organisations fail to check all alerts – leaving organisations open to risk.

Davies continues: “We are seeing a proliferation of cybersecurity tools and alerts – but neither are helping to reduce the workload for those in the industry. Conversely, they are adding more strain. The role of automation in this context is clear – we can streamline not only the monitoring and administrative processes in cybersecurity, but also reduce the alerts and thereby reduce risk.”

Share.