Economy & Market
Burnout and fatigue affect 90% of cybersecurity and IT professionals in Asia Pacific: Sophos
In today’s digitally-driven landscape, the fight against cyber threats has never been more crucial. However, a recent report by Sophos, a leading figure in cybersecurity solutions, reveals a troubling trend: burnout and fatigue among professionals in the field are significantly compromising their effectiveness. According to Sophos’ fourth ‘The Future of Cybersecurity in Asia Pacific and Japan’ report, conducted in collaboration with Tech Research Asia (TRA), nearly half of respondents admitted that burnout and fatigue have made them less diligent in their roles.
Shockingly, 17 percent even attribute this exhaustion to contributing to cybersecurity breaches. With 90 percent of cybersecurity and IT professionals feeling the strain, it’s evident that addressing this issue is paramount to maintaining robust defences in the digital realm.The study revealed that burnout is felt across almost all aspects of cybersecurity operations, with 30 percent of respondents saying that feelings of burnout increased “significantly” in the last 12 months, with 41 percent saying that this burnout makes them “less diligent” in their cybersecurity roles with 17 percent of respondents identified that cybersecurity burnout or fatigue contributed to or was directly responsible for, a cybersecurity breach and 17 percent of companies experienced slower than average response times to cybersecurity incidents.
At a time when organisations are struggling with cybersecurity skills shortages and an increasingly complex cyberattack environment, employee stability and performance are critical for providing a solid defence for the business. “Burnout and fatigue are undermining these areas and organisations need to step up to provide the right support to employees especially when, according to our research, 17 percent of respondents identified that cybersecurity burnout or fatigue contributed to or was directly responsible for, a cybersecurity breach,” said Sophos Field CTO Aaron Bugal.
The Sophos and TRA report provides timely insight into organisational cyber stress and demonstrates that things need to change. Although there’s not a simple fix, an attitude adjustment would go a long way to define the right expectations around what it means to evolve into a cyber-resilient business.Boards and executive committees need to drive change and demand responsibility from their deputised charges, in essence for better governance around cyber approaches. However, they need to clearly articulate their accountability in developing and maintaining a plan because cybersecurity is now a perpetually interactive sport and there needs to be a team that provides adequate coverage around the clock.”
Impact of burnout and fatigue on cybersecurity employees
The study revealed that across Asia Pacific and Japan (APJ):
- 41 percent felt they are not diligent enough in their performance.
- 34 percent felt heightened levels of anxiety if subject to a breach or attack.
- 31 percent experience feelings of cynicism, detachment and apathy towards cybersecurity activities and their responsibilities.
- 30 percent stated it makes them want to either resign or change career (23 percent of all surveyed have acted on this and resigned).
Ten percent feel guilty that they cannot do more in their role to support cybersecurity activities.Causes of cybersecurity burnout and fatigue
The five main causes of cyber burnout and fatigue in the report include:
- A lack of resources available to support cybersecurity activities.
- The routine aspects of the role, which create a feeling of monotony.
- An increased level of pressure from board and/or executive management.
- Persistent alert overload from tools and systems.
- Increase in threat activity and the adoption of new technologies that foster a more challenging, always on environment.
Impact of cybersecurity burnout and fatigue on business operations
- Direct contribution to breaches: 17 percent of respondents identified that cybersecurity burnout or fatigue contributed to or was directly responsible for a cybersecurity breach.
- Slower response times to cybersecurity incidents: 17 percent of companies experienced slower than average response times to cybersecurity incidents
- Lost productivity: Businesses are experiencing a productivity loss of 4.1 hours per week amongst cybersecurity and IT professionals, with companies in the Philippines (4.6 hours/week) and Singapore (4.2 hours/week) having the worst impact, while India and Japan (both 3.6 hours/week) were the least affected.
- Resignations and employees moving on: Stress and burnout were directly attributed as a cause of cybersecurity and IT professional resignations in 23 percent of companies. Singapore made up 38 percent of the resignations and India 31 percent. Organisations also noted that on average, 11 percent of them had “moved on” as a cybersecurity or IT employee as a result of the individual being impacted by stress or burnout. Malaysia (28 percent of companies) and Singapore (15 percent) had the highest incidence of this practice.
( Source : Daily Mirror)
You Must be Registered Or Logged in To Comment Log In?