34 percent of respondents said burnout and fatigue make them less diligent in their roles, with 25 percent identifying this as contributing to a cybersecurity breach.
National India, February 12, 2024 Sophos, a global leader in innovating and delivering cybersecurity as a service, released the findings of its fourth “The Future of Cybersecurity in Asia Pacific and Japan” report in collaboration with Tech Research Asia (TRA). The report found that 83 percent of respondents in cybersecurity and IT roles in India are impacted by burnout and fatigue.
The study revealed that burnout is felt across almost all aspects of cybersecurity operations, with 93 percent of respondents saying that feelings of burnout increased in the last 12 months, the highest across Asia Pacific and Japan. In addition, 25 percent of respondents identified that cybersecurity burnout or fatigue contributed to, or was directly responsible for, a cybersecurity breach, and 22 percent of companies experienced slower than average response times to cybersecurity incidents.
Causes of cybersecurity burnout and fatigue
The five main causes of cyberburnout and fatigue in India include:
- A lack of resources available to support cybersecurity activities
- The routine aspects of the role, which create a feeling of monotony
- An increased level of pressure from the board and/or executive management
- Persistent alert overload from tools and systems
- Increase in threat activity and the adoption of new technologies that foster a more challenging, always-on environment.
The impact of burnout and fatigue on cybersecurity employees
The study revealed that across India:
- 34% felt they were not diligent enough in their performance.
- 48% felt heightened levels of anxiety if subjected to a breach or attack.
- 36% experience feelings of cynicism, detachment, and apathy towards cybersecurity activities and their responsibilities.
- 31% of resignations were a result of stress and burnout.
“At a time when organisations are struggling with cybersecurity skills shortages and an increasingly complex cyberattack environment, employee stability and performance are critical for providing a solid defence for the business. Burnout and fatigue are undermining these areas, and organisations need to step up to provide the right support to employees, especially when, according to our research, 25 percent of Indian respondents identified that cybersecurity burnout or fatigue contributed to, or was directly responsible for, a cyber security breach,” said Aaron Bugal, field CTO at Sophos.
“This Sophos and TRA report provides timely insight into organisational cyber stress and demonstrates that things need to change. Although there’s not a simple fix, an attitude adjustment would go a long way toward defining the right expectations around what it means to evolve into a cyber-resilient business. Boards and executive committees need to drive change and demand responsibility from their deputised charges, in essence, for better governance around cyber approaches. However, they need to clearly articulate their accountability in developing and maintaining a plan because cyber security is now a perpetually interactive sport, and there needs to be a team that provides adequate coverage around the clock.”
The impact of cybersecurity burnout and fatigue on business operations
There were four key areas where cyber burnout and fatigue had a direct impact on business operations in India:
- Direct contribution to breaches: 25 percent of respondents identified that cyber security burnout or fatigue contributed to, or was directly responsible for, a cybersecurity breach.
- Slower response times to cybersecurity incidents: 22 percent of companies experienced slower than average response times to cyber security incidents.
- Lost productivity: Businesses in India are experiencing a productivity loss of 3.6 hours per week amongst cyber security and IT professionals, with companies in the Philippines (4.6 hours per week) and Singapore (4.2 hours per week) having the worst impact.
- Resignations and employees moving on: Stress and burnout were directly attributed as a cause of cyber security and IT professional resignations in 33 percent of companies in India. Organisations also noted that 31 percent had “moved on” as a cybersecurity or IT employee as a result of the individual being impacted by stress or burnout.
Also read: “Fail Fast Learn Fast and Move On”
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.
