Survey showcases cybersecurity experts are facing severe burnout, translating to severe shortages
The machine of cybersecurity and defense is driven by hard working people, by eventually, there is a breaking point. Looking down the barrel of constant attack pressures, a lack of resources, and crumbling IT, experts and essential workers have pushed themselves to the brink, so much that we could see a wave of mass resignations within the year.
A survey conducted by Bridewell discovered two dominant factors influencing an expert’s desire to leave a company. One was burnout, caused by the constant barrage of cyber attacks and limited support to combat them. The other was reputation. Brand damage is common post-cyber-attack, and no one wants their name attached to a breach event that compromised customer data. Seniority also influences the reasons for wanting to leave a company. Experts and cybersecurity directors, for instance, say they’re often met with unrealistic demands, or cannot reasonably handle the overwhelming pressure of cyber-attacks.
Indeed, the problem of cybersecurity is fast growing, and those who are best equipped to fight against it are dealing with significant pressure. Stress, exhaustion, and fear of ransomware strikes is slowly whittling away at cyber defenses as a whole.
Increases in danger and attack
Problems escalated during the COVID-19 pandemic, something we’re still dealing with today. And as you know, this pandemic created remote work networks abroad, prime targets for ransomware gangs. Now, the pressure has increased with recent geopolitical events. The Russian invasion of Ukraine has excited ransomware gangs, and now attacks have rapidly increased because of the conflict. In the wake of potential breaches too, experts share concern of losing their position due to cyberattacks, despite how critical they are to preventing them.
An expansion of vulnerabilities and attack surfaces
Experts aren’t only dealing with attacks and increasing pressure to protect enterprise networks. The hybridization of work environments, remote networks, and new IT staff hires have also brought increasingly complex risk factors.
When a new hire is brought onboard, it takes time to ingratiate them into a company’s particular set of standards and security practices. But even then, they are still a risk, intended or not. Hybrid networks too, which utilize different elements of local, cloud-based, and remote resources also introduce new risk factors. Worse yet, the Bridewell report found that surveyed experts did not believe they possessed the expertise to fully secure remote environments.
Another painful factor is onboarding staff which lack the correct skills for the job. To fill the gaps over the past several years, companies hired on workers which may not have fit their needed security criteria. As such, improper training and credentials create additional security holes in an enterprise network.
Intermixed with new regulatory requirements and a serious need for powerful cyber defense, it’s understandable to see why experts abroad are so overwhelmed.
An approaching shortage
Today, networks and businesses are still dealing with a short supply in staffing. But now, the prospect of facing down even more shortages creates a painful reality. If experts resign in droves, what happens to the enterprise that can’t respond to malware and ransomware threats? More so, how will we approach the void of experts and necessary staff?
A resolution model isn’t easy, either. Experts are a combination of solid education and training backgrounds sharpened with years of experience. Bright young minds can help, but there’s a learning curve involved with modern cybersecurity demands. In essence, the shortage can’t be solved with a simple expansion for re-hires.
The answer to solving the crisis means addressing the causes for burnout, which then means finding a way to effectively combat ransomware. There are things that help, such as competency training for ransomware, but there isn’t a “one size fits all” way to curtail ransomware as a whole.
Some seek answers with third parties and MSPs (managed service providers) who can adequately provide resources and protection. They also draw on remote experts where an enterprise is lacking. It’s not the perfect answer, but it helps in a time where shortages are likelier than ever.