More than a third of cybersecurity professionals are considering quitting their jobs in the next six months due to burnout caused by high stress levels and heavy workloads, according to a new survey of 500 workers in the US and UK by cybersecurity vendor ThreatConnect.

As businesses face a cybersecurity landscape fraught with emerging risks in the months to come, more needs to be done to prevent an exodus of talent by ensuring the work-life balance and mental health concerns of those on the cybersecurity frontline are proactively addressed.

The widespread intention to quit cybersecurity jobs can be partly attributed to the so-called ‘great resignation’, but the report also identified burnout and low morale among the drivers. More than half of respondents say their stress levels had increased in the past six months, while more than a third cited anxiety and depression as a work-related stress symptom. These mental health issues also appeared to be evident among colleagues, as 41% of respondents said they had noticed a drop in workplace performance. 

Respondents identified their working conditions as the chief cause of their stress: heavy workloads (32%), long hours (31%), and tight deadlines (21%) were other common causes. 

These factors are diminishing the appeal of cybersecurity careers: only 33% would recommend such a career to others, with the same number also likely to discourage people from entering the industry. This comes at a time when the sector desperately needs to recruit and retain skilled staff to tackle emerging cybersecurity threats in the software supply chain and cloud services, for example. 

One way businesses can avoid an exodus of cybersecurity talent is by launching a “renewed focus on collaboration,” ThreatConnect says, ensuring their teams are aligned and individual employees “feel valued and engaged”. Useful measures include regular check-ins with staff to understand and redistribute heavy workloads, evaluating existing skills gaps, and creating progressive feedback mechanisms where speaking up about a particular issue is rewarded. 

More flexibility on virtual working arrangements may also prove to be crucial as restrictions are lifted. The report found that 31% of respondents in the UK were most likely to be considering quitting due to a "perceived lack of opportunity" to work remotely.

“Now more than ever, IT security teams are being expected to do more with less,” said ThreatConnect CEO Adam Vincent. “High employee turnover and stressed IT professionals can negatively impact an organisation’s performance both in the short term and in the long term. The growing volume and sophistication of threats makes it critical that organisations manage workload feasibility and give teams the support they need.”

Vincent added that businesses need to invest in cybersecurity teams on the frontline “with the best tools and working environment” to attract and retain talent. “Creating a workplace that is attractive to current and potential professionals is essential to hold on to skills and expertise they need to protect their entire operation for the long term.”

Home page image Tommaso79/iStock