Cyber security practitioners believe their work-life balance is becoming increasingly strained as the stress of their roles and growing workloads impacts their home life.
Professionals were found to be sacrificing more personal time than ever, according to a study from Centripetal. The survey of security practitioners raised concerns that staff risk burning out and damaging personal relationships due to the trend.
The results show the vast majority of cyber security professionals experience some form of interruption to their personal lives outside of office hours.
90% of respondents stated they checked email, Slack, and other communication platforms when they were on annual leave.
Almost one-third (32%) of surveyed employees reported their lives are interrupted by work every night, with 70% saying they are interrupted at least once a week.
Almost one-fifth (18%) of employees were also shown to be working over a full day’s worth of unpaid overtime (8+ hours) a week.
When asked why they thought they worked such long hours, 46% of security professionals cited loyalty to the company, 23% reported increased cyber threats, and 16% pointed to a shortage in staff.
One-in-ten respondents claimed they were the only staff member who could address the problem.
Growing threats are affecting work-life balance
Jess Parnell, vice president of security operations at Centripetal, said security practitioners are struggling to keep pace with an ever evolving threat landscape.
The heightened risks faced by organizations in 2023 means the bemoaned ‘always on culture’ in the security industry is worsening and placing increased pressure on staff.
“Cyber security is an industry where threats develop at breakneck speed, and those of us working in the industry are responsible for ensuring these threats are responded to and mitigated on behalf of our organizations," she said.
"It’s important that cyber security teams foster a culture where employees are able to switch off without feeling guilty or under pressure.”
Burnout levels are surging in security
Other research in this area concurs with Centripetal’s findings. ‘The Voice of the SOC 2023’ report from Tines found 63% of practitioners in this sector experience some level of burnout.
This is compounded by 81% of respondents saying their workloads have increased in the previous year, with half stating their security operations center (SOC) team is understaffed.
The fundamental issue identified by Tines’ CEO and co-founder Eoin Hinchy was “security teams are getting restless”.
Over the 15 years Hinchy spent in security operations he noted the imbalance developing in the industry between the threats facing security professionals and the arsenal they are equipped with to face them.
“[T]he challenge facing SOC analysts became harder, not easier: workloads are increasing, but teams aren’t growing alongside them. SOC analysts are burning out as a result of tedious and repetitive tasks,” he said.
“In the best-case scenario, staff will leave in search of new opportunities and leave their previous organizations scrambling to replace them. In the worst case, their burnout will lead to human error that could cost a company millions.”
Getting more support for security staff
The solution, according to Parnell, is to alleviate some of the burden security workers are currently shouldering.
Scale AI workloads: An open data lakehouse approach
Find out how an open lakehouse approach enables organizations to store data on low-cost object storage
DOWNLOAD NOW
“By taking some of the day-to-day security analysis out of the hands of overworked employees, it’s crucial for organizations to implement adequate tools and solutions, and create a culture where IT professionals are supported”.
This correlates with the results of Tines’ report, which revealed 37% of SOC teams said they are “drowning in data” when asked to identify the top challenges facing them, and they are struggling to convert this data into actionable insights.
In addition, just over half (53%) of security professionals agreed tedious, manual tasks such as reporting, monitoring, and detection tasks were frustrating them in their day-to-day operations.
