Published on November 18th, 2021 📆 | 7454 Views ⚑
0Heavy Workloads For Those On Frontlines Of Cybersecurity Wars Are Taking Their Toll
Chief information security officers (CISOs) have been on frontlines of the cybersecurity wars for quite some time. The impact of heavy workloads on their professional and private live is showingâand creating new dangers and potential crisis situations for business leaders.
Cybersecurity staff who are stressed, fatigued or suffering burnout cannot function at their full potential and can be prone to errors or poor judgement in a cyber crisis.
Missing Out
Prior to the start of the holiday season, email security company Tessian surveyed U.S. and UK CISOs to explore burnout, pain points and other trends affecting these who are dealing directly with cyber threats. According to the companyâs report that was released today:
- Two in five CISOs have missed holidays like Thanksgiving due to work demands; 25% have not taken time off work in the past 12 months.Â
- CISOs are missing out on important events and family holidays, and putting their health at risk by missing doctorâs appointmentsâsomething 44% of CISOs have experienced in the last year.Â
- 40% have missed a family vacation due to work.
- One-third of CISOs report being unable to exercise regularly.Â
Working More Hours
Tessianâs report found that that CISOs work, on average:
- 11 more hours than theyâre contracted to each week, while one in 10 works 20 to 24 hours extra a week.
- As a result of their stressful jobs, 59% of CISOs say they struggle to always switch off from work once the working day is over.
Impact On Companies
âItâs not surprising to hear that CISOs are burnt-out, but the findings show how these feelings of burnout can cascade downhill in an organization,â observed Josh Yavor, Tessianâs CISO. âWe need to be thinking about responsibility and risk in an effective and modern way, and we need to understand that while security is ultimately something that CISOs are accountable for, their executive teams need to support them as they canât do everything on their own.â
He noted that, âThe CISO role is also a difficult job to hold, and this research identifies the impact at a more granular and measurable level than what weâve seen before. What comes next is the most important element. How do we make sure that the security functions are significantly empowered within larger organizations and that they have the resources, support and tools they need to perform while avoiding burnout?Â
Advice
Yavor had the following advice for CISOs:
Setting Expectations
âCISOs have the opportunity to pave the way and set expectations within their organization to deliver survivable and sustainable work experiences. They should ensure security programs and teams are set up appropriately for the best outcomes. To avoid burnout, CISOs should understand the capacity limits of their teams and themselves.â
Establishing Priorities
âThey are ultimately responsible for ensuring that sufficient capacity exists for successful and sustainable execution relative to planned and unplanned work. CISOs need to be able to either say ânoâ to unplanned work, or be empowered to effectively shift work priorities to enable capacity and the expense of previously planned work.â
Leading By Example
âBurnout often stems when people (in any role) canât manage situations when unplanned work runs up against capacity constraints, and the decision is to perform heroics at the expense of people rather than hold the organization accountable for sustainable work.â
âItâs critical that CISOs lead by example in these instances. Once we recognize our limitations as humans and leaders and embrace them, the better it is for everyone. That uncertainty and discomfort that comes with that kind of approach is a necessary cost of what it takes to do better as a CISO.â
Gloss