Two-thirds of cybersecurity professionals have suffered burnout over the past year as a result of work-related stress, according to a new survey from Promon.
The Norwegian security vendor polled over 300 information security pros at this year’s Black Hat Europe expo in London to better understand the mental health of those working in the industry.
Of those who reported burnout, the largest group (50%) cited workload as their biggest source of stress. Promon found that 51% of responding cybersecurity professionals are working more than four hours per week over their contracted hours, with nearly a fifth working more than 10 hours over.
The next biggest sources of stress cited by respondents were management issues (19%), difficult relationships with colleagues (12%), inadequate access to the required tools (11%) and being underpaid (7%).
Although mental health is becoming less taboo, it remains off-limits for many professionals.
Nearly two-fifths (37%) of respondents said they didn’t feel comfortable talking about it with their employer, while a quarter (26%) claimed their workplace does not offer sufficient mental health support. A further 21% said they don’t even know if their employer offers any support.
Over two-fifths (41%) of those polled said they have considered moving jobs in the past year as a result of burnout.
That’s bad news for an industry already struggling with skills shortages. Such stories also make it harder for employers to recruit fresh talent.
“Knowing that these jobs often come with inherent stress, businesses need to do more to support their employees from the offset, and ensure that they know that they have a place to turn if things start to become overwhelming,” argued Promon VP of engineering, Jan Vidar Krey.
“Secondly, all businesses need to look at the root cause of these problems. Many businesses, whether giant corporations or small startups, still don’t take a security-first attitude. As a result, they set themselves up for failure and when they inevitably get breached, it’s the security team that takes the hit.”
The findings chime with separate research from last year which revealed that 70% of security operations (SecOps) leaders’ home lives are being impacted by the stresses of alert overload.