Cyber Security Staff Burnout Costs Firms $600m A Year

Uploaded on 2024-06-25 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

Cybersecurity professionals say that work-related stress, fatigue, and burnout are making them less productive, including taking extended sick leave, costing US enterprises almost $626 million and UK enterprises almost £130 million in lost productivity every year.

That’s according to a new study, “Building a firewall against cybersecurity burnout”, recently released  by Hack The Box.

British and US enterprises may be throwing away hundreds of millions because of productivity losses due to burned-out cyber security staff, according to Hack The Box. The skills specialist calculated the sum by first working out the average daily wage for cyber security professionals, using Infosecurity Institute figures. It then used its own stats revealing the average number of sick days taken per year per worker (3.4) and average number of days lost to poor productivity (5.1), assuming an eight-hour working day. These figures were then extrapolated out according to the number of cyber security professionals in the US and UK, and total number of days lost.

According to Hack The Box. UK employers may be losing a combined $130m annually, while their US counterparts could be down by as much as $626m due to lost productivity.

The research pointed the blame squarely at employee burnout. It claimed 84% of responding cyber security professionals are experiencing stress, fatigue and burnout due to the rapid pace of technological change, mounting threat volumes and being forced to perform outside their skillset. It added that three-quarters (74%) have taken time off due to work-related mental well-being problems.

Interestingly, 90% of CISOs globally said they are concerned about the impact of stress, fatigue and burnout on their security team’s well-being, versus just 47% of CEOs. 

“What we’ve discovered shows just how difficult the job is and that there is a significant gap of understanding between the board and the professionals,” said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders to work more closely with cyber security professionals to make mental well-being a priority and actually provide the solutions they need to succeed. It’s not just the right thing to do, it makes business sense.”

Commenting on this, Jamie Ahktar, Co-Founder and CEO at CyberSmart said "Hack the Box’s study echoes the findings of our report on SMEs and the cost of living crisis from 2023. Whether through stress or overwork, employee burnout poses a security risk for all businesses."

Tired, stressed staff are far more likely to make security mistakes that lead to breaches or even develop a negative view of their employer and turn to malicious acts.

“So how do we counter this? In the long term, we need to put time and investment into the next generation of cyber security professionals, not least by presenting it as an exciting and fulfilling career opportunity for young people... we need to do two things: upskill the existing workforce with basic cyber skills and automate those elements of security that can be performed without intensive human intervention." Ahtar said.

Hack the Box   |    Infosecurity Magazine   |    Cybersmart   |    CIISEC

Image: Andrea Piacquadio

You Might Also Read: 

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI & Cloud Are At The Intersection Of Cyber Security
How To Effectively Detect & Prevent SAP Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

Telspace Africa

Telspace Africa

Telspace Africa provide the highest level of IT security solutions including advisory, penetration testing, vulnerability assessments, red teaming, social engineering and training.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Digital Innovation Hub Slovenia (DIH)

Digital Innovation Hub Slovenia (DIH)

DIH Slovenia is a central hub providing services to grow digital competencies in areas including robotics, IoT, cyberphysical systems and cybersecurity.

NeuShield

NeuShield

NeuShield is the only anti-ransomware technology that can recover your damaged data from malicious software attacks without a backup.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

SecureAge Technology

SecureAge Technology

We’re a rapidly growing cybersecurity company with an 18-year history of ZERO Data breaches. Our security solutions place security and usability on equal footing. Learn more about our technology.

HunCERT

HunCERT

HunCERT's mission is to assist Hungarian Internet Service Providers in applying appropriate procedures to address the risks of computer network incidents and to respond to such incidents.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.

DYOPATH

DYOPATH

At DYOPATH we work with the single purpose of helping our clients combat the ongoing increase of cyber threats, the growth in more complex IT environments, and ever-increasing human capital shortages.