Cyber Security Staff Burnout Costs Firms $600m A Year

Uploaded on 2024-06-25 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

Cybersecurity professionals say that work-related stress, fatigue, and burnout are making them less productive, including taking extended sick leave, costing US enterprises almost $626 million and UK enterprises almost £130 million in lost productivity every year.

That’s according to a new study, “Building a firewall against cybersecurity burnout”, recently released  by Hack The Box.

British and US enterprises may be throwing away hundreds of millions because of productivity losses due to burned-out cyber security staff, according to Hack The Box. The skills specialist calculated the sum by first working out the average daily wage for cyber security professionals, using Infosecurity Institute figures. It then used its own stats revealing the average number of sick days taken per year per worker (3.4) and average number of days lost to poor productivity (5.1), assuming an eight-hour working day. These figures were then extrapolated out according to the number of cyber security professionals in the US and UK, and total number of days lost.

According to Hack The Box. UK employers may be losing a combined $130m annually, while their US counterparts could be down by as much as $626m due to lost productivity.

The research pointed the blame squarely at employee burnout. It claimed 84% of responding cyber security professionals are experiencing stress, fatigue and burnout due to the rapid pace of technological change, mounting threat volumes and being forced to perform outside their skillset. It added that three-quarters (74%) have taken time off due to work-related mental well-being problems.

Interestingly, 90% of CISOs globally said they are concerned about the impact of stress, fatigue and burnout on their security team’s well-being, versus just 47% of CEOs. 

“What we’ve discovered shows just how difficult the job is and that there is a significant gap of understanding between the board and the professionals,” said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders to work more closely with cyber security professionals to make mental well-being a priority and actually provide the solutions they need to succeed. It’s not just the right thing to do, it makes business sense.”

Commenting on this, Jamie Ahktar, Co-Founder and CEO at CyberSmart said "Hack the Box’s study echoes the findings of our report on SMEs and the cost of living crisis from 2023. Whether through stress or overwork, employee burnout poses a security risk for all businesses."

Tired, stressed staff are far more likely to make security mistakes that lead to breaches or even develop a negative view of their employer and turn to malicious acts.

“So how do we counter this? In the long term, we need to put time and investment into the next generation of cyber security professionals, not least by presenting it as an exciting and fulfilling career opportunity for young people... we need to do two things: upskill the existing workforce with basic cyber skills and automate those elements of security that can be performed without intensive human intervention." Ahtar said.

Hack the Box   |    Infosecurity Magazine   |    Cybersmart   |    CIISEC

Image: Andrea Piacquadio

You Might Also Read: 

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI & Cloud Are At The Intersection Of Cyber Security
How To Effectively Detect & Prevent SAP Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

SANS Institute

SANS Institute

SANS is the most trusted and by far the largest source for information security training and security certification in the world.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

LexisNexis Risk Solutions

LexisNexis Risk Solutions

LexisNexis Risk Solutions provides technology solutions for Anti-Money Laundering, Fraud Mitigation, Anti-Bribery and Corruption, Identity Management, Tracing and Investigation.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

Accertify

Accertify

Accertify is a leading provider of fraud prevention, chargeback management, and payment gateway solutions.

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Shield Capital

Shield Capital

Shield Capital helps founders build frontier solutions in cybersecurity, artificial intelligence, space & autonomy for commercial and government enterprises.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

MAUSHIELD

MAUSHIELD

MAUSHIELD is the national platform for sharing cyber threat information and intelligence that can help organisations to improve their cybersecurity posture, minimize risks and prevent cyber-attacks.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

Argenta Talent Acquisition

Argenta Talent Acquisition

Argenta Talent Acquisition is a recruitment partner specializing in Space and Defense, Intelligence Community, all things Technical, Cyber, and Logistics.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.