With the constant evolution and boom in technology, you would think people would jump at the chance to be involved. Statistics show that not only are people with cybersecurity skills lacking, but the ones that are in the industry are cracking under the pressure.
The Realities of Cybersecurity Burnout
CNBC.com found stated that 65% of IT professionals consider quitting due to burnout. The main reasons for this statistic are the stress and urgency of the job. Chief Information Security Officers (CISO) must work effectively to deal with data breaches in a variety of industries. If this stress on its own wasn’t enough, CISOs must also keep their organization running and maintain positive relationships with employees.
Additional stressors of the job seem to stem from the lack of communication between CISOs and executive boards. A study by Nominet found that only 52% of CISOs feel that the executive value their security team and 1 in 5 respondents said board members were indifferent to the team and considered them to be an inconvenience.
These types of issues put pressure on leaders and their security teams to work even harder to prove their relevance. One-third of CISOs even believe that if a data breach were to occur, they would face an official warning or even lose their jobs. This makes it no surprise that 17% of the CISOs surveyed said they use medication or alcohol to deal with the stress levels at work.
Stressors on the Job
Some of the most common stressful aspects of a cybersecurity job include:
- Keeping up with security needs of new initiatives
- Learning there are IT projects that were created without security oversight
- Trying to get end-users and businesses to understand their cybersecurity risks
- Emergencies that pull a CISO away from their original tasks
These issues can lead to professionals suffering from burnout. This unfortunate feeling can be identified with signs such as a need to prove yourself, ignoring other areas of your life to work longer hours, and withdrawing from concerned people around you. While feeling overwhelmed may be a normal feeling for employees during the length of their career, burnout is a serious condition that can end with depression.
Lack of Cyber Skills for Open Jobs
There are currently nearly 3 million unfilled cybersecurity positions at companies worldwide and is expected to rise to 3.5 million by the year 2021. The lack of employees to fill these roles is not a new occurrence. The Environmental, Social, and Corporate Governance (ESG) conducts a yearly survey and the cybersecurity skills shortage has been the top challenge for the industry over the past four years.
A survey from Raytheon found that 62% of students aged 18-26 in 12 countries said a job in cybersecurity was never mentioned by a teacher as a career option. Even if students were aware of this career path, there are not enough educational resources to pursue it. Some schools do not have teachers trained in cybersecurity and have few classes or programs centered around internet security.
With the workload overpowering the number of workers, there is little time for administrators and bosses to properly train new employees. This leads to inexperienced workers making mistakes on the job, which the senior level employees must clean up. This ignorance leads to more work and less time to train, resulting in a vicious cycle.
Employing the Right People in a Positive Environment
There have been several ideas for people to address the skills shortage in the cybersecurity field. Some of these include:
- Having federal involvement to promote the position, create educational awareness programs, and scholarships for studying in the field.
- An integrated effort between Amazon, Dell, Facebook, Google, and other industry leaders to create well-known training programs.
- Find ways to recruit skilled professionals with a focus more on skills and experience rather than a degree.
As far as the existing employees, the executive level members need to provide them with the support and resources they need to function productively in their position. Communication needs to be the top priority between entry-level and senior-level workers. With increased communication comes trust, and CISOs need to trust their superiors to have an effective workflow and overall work/life balance.
SecureData has employees that have been a part of the company since its beginnings over a decade ago. We ensure our employees are trained and certified to perform data recovery or forensic investigations and encourage their training and growth as engineers and managers.