Login
iscover
E-Yang Tang, Vice President, Security, Resiliency and Network, Kyndryl A/NZShare this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
In today’s hyper-connected world, the role of chief information security officers and cyber security teams is nothing short of relentless.
As organisations face an ever-escalating wave of cyber attacks, cyber professionals remain on high alert 24/7.
However, this constant state of readiness comes at a steep cost: burnout. Alarmingly, cyber security professionals are now experiencing mental health challenges on par with or even exceeding those faced by front-line healthcare workers. This signals a deeper crisis in the tech industry that demands urgent attention.
Despite the critical nature of their work, the mental health struggles of cyber security professionals often go unnoticed. It’s more often than not a silent struggle. A recent study revealed that burnout in some form affects 86 per cent of Australian IT and cyber security professionals, with 22 per cent considering leaving the industry altogether. This silent crisis not only affects individuals but also jeopardises organisational security, as fatigued employees are more likely to make critical errors.
While burnout is not exclusive to cyber security, the industry faces a unique convergence of challenges that intensify pressure on today’s teams. Cyber security professionals face a relentless cycle of threats, heightened by evolving attack methods, regulatory pressures, and an expanded attack surface due to remote work. Unlike a one-time crisis, cyber threats are persistent and invisible, demanding constant vigilance with little room for rest.
In Australia, recent high-profile cyber incidents have stretched teams to their limits, fuelling anxiety about being the next target. At the same time, regulatory demands have intensified with updates to the Australian Privacy Act and new compliance obligations under the Cyber Security Act 2024.
Beyond securing organisational systems, professionals must now protect individual devices, further increasing their workload and stress levels.
Addressing the mental health crisis in cyber security requires a multi-pronged approach.
Unlike physical crises, where the threat is visible and tangible, cyber security professionals often battle an unseen enemy. Cyber attacks unfold in the digital realm, making it difficult to gauge the full extent of the threat in real time. The ambiguity and unpredictability of these attacks heighten anxiety, as defenders must anticipate and respond to invisible dangers that can strike at any moment.
To address this challenge, AI and virtual reality are emerging as powerful tools in cyber security training. AI-driven large language models on headsets can simulate complex cyber threats, allowing professionals to experience the high-pressure decision making of a cyber attack in a controlled environment. This hands-on approach not only enables them to practice critical thinking but also helps build resilience and confidence – reducing the stress and uncertainty associated with responding to real-world incidents.
But we can’t just rely on technology. Fostering open lines of communication must come from the top. Boards and leadership must create an environment where cyber security teams of all levels feel comfortable discussing their challenges. Open dialogue can lead to better resource allocation, realistic expectations and a shared understanding of the pressures faced by security teams. Security shouldn’t be an ivory tower and removing the stigma around vulnerability is crucial. Acknowledging their mental health needs fosters a culture of empathy and support.
Organisations should also provide access to peer-informed mental health resources tailored to cyber security professionals of all levels. These might include stress management workshops, mindfulness programs and access to professional counselling services. What’s more, resources for leaders to recognise burnout and act before it happens are vital. Encouraging regular breaks, enforcing reasonable on-call schedules and promoting a work-life balance can help mitigate burnout.
The importance of mental health in cyber security professionals goes beyond cultural benefits – it’s a business imperative. With geopolitical turmoil continuing, the mental health challenges faced by cyber security experts are more pressing than ever. By prioritising mental resilience and fostering a psychologically safe workplace, it not only supports the wellbeing of individuals but also reduces staff turnover and protects the organisation more effectively.
Be the first to hear the latest developments in the cyber industry.
