Cyber Security Staff Burnout Costs Firms $600m A Year

Uploaded on 2024-06-25 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

Cybersecurity professionals say that work-related stress, fatigue, and burnout are making them less productive, including taking extended sick leave, costing US enterprises almost $626 million and UK enterprises almost £130 million in lost productivity every year.

That’s according to a new study, “Building a firewall against cybersecurity burnout”, recently released  by Hack The Box.

British and US enterprises may be throwing away hundreds of millions because of productivity losses due to burned-out cyber security staff, according to Hack The Box. The skills specialist calculated the sum by first working out the average daily wage for cyber security professionals, using Infosecurity Institute figures. It then used its own stats revealing the average number of sick days taken per year per worker (3.4) and average number of days lost to poor productivity (5.1), assuming an eight-hour working day. These figures were then extrapolated out according to the number of cyber security professionals in the US and UK, and total number of days lost.

According to Hack The Box. UK employers may be losing a combined $130m annually, while their US counterparts could be down by as much as $626m due to lost productivity.

The research pointed the blame squarely at employee burnout. It claimed 84% of responding cyber security professionals are experiencing stress, fatigue and burnout due to the rapid pace of technological change, mounting threat volumes and being forced to perform outside their skillset. It added that three-quarters (74%) have taken time off due to work-related mental well-being problems.

Interestingly, 90% of CISOs globally said they are concerned about the impact of stress, fatigue and burnout on their security team’s well-being, versus just 47% of CEOs. 

“What we’ve discovered shows just how difficult the job is and that there is a significant gap of understanding between the board and the professionals,” said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders to work more closely with cyber security professionals to make mental well-being a priority and actually provide the solutions they need to succeed. It’s not just the right thing to do, it makes business sense.”

Commenting on this, Jamie Ahktar, Co-Founder and CEO at CyberSmart said "Hack the Box’s study echoes the findings of our report on SMEs and the cost of living crisis from 2023. Whether through stress or overwork, employee burnout poses a security risk for all businesses."

Tired, stressed staff are far more likely to make security mistakes that lead to breaches or even develop a negative view of their employer and turn to malicious acts.

“So how do we counter this? In the long term, we need to put time and investment into the next generation of cyber security professionals, not least by presenting it as an exciting and fulfilling career opportunity for young people... we need to do two things: upskill the existing workforce with basic cyber skills and automate those elements of security that can be performed without intensive human intervention." Ahtar said.

Hack the Box   |    Infosecurity Magazine   |    Cybersmart   |    CIISEC

Image: Andrea Piacquadio

You Might Also Read: 

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI & Cloud Are At The Intersection Of Cyber Security
How To Effectively Detect & Prevent SAP Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

Ground Labs

Ground Labs

Ground Labs is a security software company dedicated to making sensitive data discovery products that help organisations prevent sensitive data loss.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

VNCERT

VNCERT

VNCERT is the national Computer Emergency Response Team for Vietnam.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

FaceFirst

FaceFirst

FaceFirst provide face recognition technology solutions to detect and deter real time threats,

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

FraudWatch International

FraudWatch International

FraudWatch has been protecting client brands around the world since 2003, and are the leaders in online brand protection from phishing, malware, social media and mobile apps impersonation.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Strac

Strac

Eliminate Personal Data Risks from your business. Our Dataless SaaS removes the need to manage sensitive data across web, mobile apps, servers and communication channels.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.