Tech News : IT Security Threatened By Professional Burnouts

28th February 2023

A Mimecast spokesman has warned that in a labour market already stretched by shortages, Dutch digital resilience could be threatened if more attention isn’t paid to the mental well-being of cyber security professionals.

Wanting To Change Jobs 

Recent research commissioned by Mimecast in the Netherlands showed that a quarter of Dutch IT professionals are considering changing jobs in two years due to the risk of ‘burnout.’ Although burnout rates in the Netherlands among cyber security specialists are lower that the global average – 35 per cent as compared to 56 per cent – the research revealed that stress levels are high. It is thought that burnout rates are only as low as they are due to a ‘part-time’ culture, a good national work-life balance, and an innate cultural directness that highlights issues early.

What Kind Of Stresses? 

The kind of stresses and fears identified by the Mimecast research that cyber security professionals are facing, are reported to be:

– Security cutbacks at organisations.

– An increasing threat of cyber attacks.

– Feeling unrecognised in their work.

– Increasing media coverage of ransomware attacks making security professionals feel pressure to prepare properly.

– Fears about cyber insurance coverage and fear of potentially devastating attacks on critical infrastructure.

– Added pressure from the high workload caused by a chronic shortage of cyber specialists.

Could Affect Dutch Cyber Resilience 

The implications of cyber security professionals leaving the industry due to burnout and changing careers could be that Dutch businesses and organisations may be more at risk of successful cybers attacks, the loss of valuable knowledge and expertise in the industry, greater pressure on those left behind, plus making it more difficult for many  companies to find and afford cyber security professionals – i.e. low supply and high demand.

In Australia Too 

An Australian study from not-for-profit cyber mental health support initiative Cybermindz.org in December last year reached similar conclusions. For example:

– The rapidly evolving, relentless attack environment defying any sense of ‘job well done’ among cyber professionals and creating a sense of hopelessness.

– Early evidence of burnout in cyber professionals, signalling a potential loss of skills to a critical part of the economy which could lead to “systemic weaknesses in our human cyber defences would tend to impact society at mass levels, especially if essential services like water, energy, telecommunications, health, financial services, food distribution and transportation are affected.” 

What Can Be Done To Help? 

Some of the measures that can be taken to help the situation include:

– A serious acknowledgement of the conditions and challenges IT professionals face.

– Giving more board-level attention to the issue, which could create safer workplace conditions.

– The use of stress-reducing tools such as CyberMindz’s Integrative Restoration or iRest protocol.

– Greater promotion of mental health help options in the cyber community.

– Providing clear job descriptions and expectations to help cyber professionals to understand what is expected of them and what their responsibilities are, which can reduce ambiguity and stress.

– Encouraging work-life balance by promoting flexible working hours, remote work options, and setting realistic deadlines.

– Offering training and development opportunities to help cyber professionals stay up to date with the latest technologies and best practices, thereby improving job satisfaction, reducing stress, and increasing motivation.

– Ensuring that cybersecurity teams have access to the necessary resources and tools to perform their job effectively, e.g. by providing access to the latest software, hardware, and equipment, as well as providing support staff to help with administrative tasks.

– Fostering a positive work environment by promoting a culture of collaboration, recognition, and appreciation, as well as providing opportunities for team building and socialising.

– Managers and supervisors regularly checking-in with their cybersecurity professionals to gauge their wellbeing, discuss any concerns or issues they may be facing, and provide support when needed. This can help to build trust and rapport and can help to identify and address issues before they escalate into burnout.

What Does This Mean For Your Business? 

Research into this subject has highlighted a mostly hidden but important issue which, if not addressed, could have serious knock-on effects for many businesses, organisations and society as a whole. In addition to the relatively unrecognised human cost of the increasing stresses faced in today’s cyber professions, plus the potential loss of expertise from the cyber security industry, failing to address this issue could leave whole countries and societies open to devastating cyber attacks. As Cybermindz pointed out, these could impact society at mass levels through disruption to essential services like water, energy, telecommunications, health, financial services, food distribution and transportation.

Now that studies have revealed the extent of the issue, businesses may want to take a close look at how their own cyber professionals are feeling and identify what could be done to reduce their stress and the risk of them leaving. For example, measures such as providing clear job expectations, encouraging work-life balance, offering training and development opportunities, providing adequate resources, fostering a positive work environment, plus regularly checking in with employees could all help. By adopting these strategies, companies could help to improve the job satisfaction and wellbeing of their cybersecurity professionals, while also enhancing their performance and productivity.