83% of IT Security Professionals Say Burnout Causes Data Breaches
September 20, 2023
PRESS RELEASE
CAMBRIDGE, Mass. – Sept. 19, 2023 – Devo Technology, the cloud-native security analytics company, today unveiled the results of a new study examining the ramifications of cybersecurity burnout, finding the vast majority of IT security professionals admit stress has led them and peers to make errors that have caused data breaches.
Recent estimates put the shortage of cybersecurity professionals at 3.5 million. The survey, conducted by Wakefield Research on behalf of Devo, demonstrates that in addition to the mental and physical toll stress takes on these under-resourced teams, their struggles also directly affect their organization’s security posture. Burnout isn’t just a people problem; it is a business problem that negatively impacts a company’s ability to safeguard its data, reputation, and bottom line.
Cybersecurity Burnout Is Compounding Cyber Risk
Respondents to the survey reported several concerning trends that, if left unaddressed by CISOs and company leadership, could result in costly turnover, financial damages from regulatory fines, and lost consumer trust. More specifically, the survey found that:
· 83% of IT security professionals admit they or someone in their department has made errors due to burnout that have led to a security breach.
· 85% say they anticipate they will leave their role due to burnout; 24% say they’ll leave cybersecurity entirely.
· 77% say stress levels at work directly affect their ability to keep customer data safe.
"These findings are a harsh wake-up call for enterprise leaders but also provide an opportunity for change," said Marc van Zadelhoff, CEO, Devo. "Caring for security teams isn't just a 'nice thing' to do. It’s the right thing to do for both the individuals working the frontlines and the broader business."
Security Professionals Feel Unsupported by Leadership
The survey also uncovered a deep disconnect between security leadership and their teams. Even though over half of the respondents reported that alert fatigue has caused increased anxiety or feelings of depression, they don’t think stress and burnout issues are taken seriously. More specifically:
· 76% agree their IT leadership would not last one full day dealing with the number of alerts they manage.
· 45% of IT professionals felt their leadership hasn’t responded proactively to employee burnout and wished their leaders would offer additional training, mentorship, and development.
· 82% say they’ve been told stress and burnout is just a normal part of their job.
"Burnout is a persistent issue in the cybersecurity world, and unfortunately, too many security practitioners are told that’s just how it is. While CISOs deal with their own stressors, it’s imperative for leaders to always listen to and understand the needs of their teams," said Kayla Williams, CISO, Devo. "Organizations that proactively provide staff with training, solutions, and mental health resources have healthier and happier security teams and are more secure because of it."
You can review the full survey results here. Devo is also hosting its third annual SOC Analyst Appreciation Day on October 18 to encourage organizations to improve security teams’ mental well-being. Review the agenda and register for the free virtual event here.
Methodology
Between June 27 and July 8, 2023, Wakefield Research issued an online quantitative survey to 200 IT security professionals from larger organizations, defined as companies with $500 million or more in revenue.
About Devo
Devo is the only cloud-native security analytics platform that combines the power of people and intelligent automation to confidently defend expanding attack surfaces. An ally in keeping your organization secure, Devo augments security teams with AI — enabling you to continuously scale SOC efficiency, increase the speed of threat detection and response, and gain greater clarity to empower bold action, minimize risk, and maximize outcomes. Headquartered in Cambridge, Massachusetts, with operations in North America, Europe and Asia Pacific, Devo is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo. Learn more at www.devo.com.
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024