Gartner: Nearly half of cyber leaders to leave roles over mounting stress

Nearly half of cyber security leaders are expected to change jobs by 2025 due to work-related stress factors, according to expert predictions.

Analysis by Gartner found that heightened stress and increasingly challenging work conditions are having a serious adverse effect on senior security practitioners, with a quarter of leaders expected to leave the industry to pursue “different roles entirely”.

Mounting pressure on cyber leaders to maintain organisational resilience and defend against a growing wave of cyber threats is a key contributing factor in this trend, Gartner said.

“Cyber security professionals are facing unsustainable levels of stress,” said Deepti Gopal, director analyst at Gartner.

“CISOs are on the defence, with the only possible outcomes that they don’t get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cyber security leaders and their teams.”

A key factor in this trend, the report suggested, is that many organisations simply do not have adequate safeguards or processes to support staff amidst an increasingly challenging period.

“Burnout and voluntary attrition are outcomes of poor organisational culture,” Gopal said. “While eliminating stress is an unrealistic goal, people can manage incredibly challenging and stressful jobs in cultures where they’re supported.”

Long-term, Gartner suggested that an exodus of senior industry figures could further accelerate the industry’s ongoing talent shortage.

The 2022 Cybersecurity Workforce Study from (ISC)2 revealed that the global cyber workforce gap increased by 26.2% compared to the year previous.

(ISC)2’s study also found that the global cyber sector requires 3.4 million more workers to accommodate for growing threats against organisations.

Cyber sector burnout

Burnout in the cyber security sector has been a long-running issue, and one exacerbated by challenging pandemic-related work conditions.

Tessian research found that the heavy demands placed on senior industry practitioners has led many to work excessive hours and miss important life events and holidays.

CISOs were found to work an average of 11 extra hours each week due to the demanding nature of their role.

A survey from Invicti Security in 2021 found that 78% of respondents reported increased stress levels due to the challenging nature of their roles. One-in-five DevOps and security professionals told the company that they had considered quitting their jobs due to mounting pressure.

Similarly, a report from Threat Connect last year found that nearly one-third of security professionals were considering quitting their jobs, with a significant portion actively seeking opportunities elsewhere.