A survey from Australian security services company Sekuro has found that more than 90 percent of cybersecurity professionals have reported mental health challenges over the past two years.
In its whitepaper, “Mental health in the Australian cyber security industry”, Sekuro surveyed 101 cybersecurity pros of varying levels of seniority across Australia - as well as a small number from other countries - between 31 March to 24 August 2022.
The survey found 91 percent of respondents reported experiencing mental health challenges over the past two years, and only 11 percent said they did not experience burn out due to the job.
More than half (51 percent) attributed their mental health struggles at work to poor culture and/or management styles, while 50 percent cited the high stress nature of the job.
Other challenges cited include being underfunded (41 percent) and a lack of required skills (37 percent) in the company or team.
Almost two in five (37 percent) of the respondents have also quit their jobs in cybersecurity in response to mental health issues, with nine percent deciding to change their career paths altogether. Citing a report from the International Information System Security Certification Consortium (ISC2), Australia has 134,690 cybersecurity workers as of 2021, with Sekuro estimating that some 12,000 of them could have left the industry over the past two years.
“The results are saddening, yet unsurprising. Cyber security professionals were faced with unique responsibilities when it came to managing the technological fallouts of pandemics, wars, and accelerated digitisation. This has put increasing pressure on leadership to do whatever it takes to prevent attacks,” Sekuro managing director Noel Allnut said.
The survey also found that cyberattacks like ransomware and malware attacks are not the biggest worry among cybersecurity pros (35 percent), but rather unrealistic expectations from the board and executive leadership were a bigger worry for 44 percent of the respondents.
The other worries were data breaches (35 percent), a lack of cybersecurity understanding from the board and executive leadership (33 percent) and challenges associated with growing cybersecurity teams (26 percent).
Handing security pros more money also doesn’t solve their grievances, with the survey finding only 22 percent said a pay rise or promotion would help their mental health. The respondents cited the provision of more resources and tools, or more frequent opportunities to provide feedback to management would be more effective.
In the whitepaper, clinical counsellor and mental health educator Amber Rules said it was understandable that the stress and the strain of the past few years have resulted in many in the cybersecurity industry struggling with burnout and mental health challenges.
“Burnout is the result of ongoing and seemingly unresolvable occupational stress. It impacts many aspects of a person’s life, including their mental capacity, effectiveness and energy. It can also cause increased negative emotional experiences such as frustration, anger, overwhelm, negativity and cynicism,” Rules said.
“It can have very real impacts not just on a person’s work but also their life outside of the office. This contributes to the wider issue we’re seeing play out across the country with increased mental health challenges amongst Australians.”
Addressing cybersecurity professionals’ mental health
The survey found the most requested solution to improve mental health in the workplace was more resourcing and tools to relieve pressure on staff (51 percent), followed by replacing managers who contribute to the poor mental health outcomes (34 percent).
Respondents said the top three ways they prevent or recover from poor mental health are by getting outside (66 percent), staying active (65 percent) and spending time with family and friends (61 percent). Some 48 percent said they were able to set clear boundaries at work to address mental health concerns.
For those that have reported mental health issues, 44 percent went to their managers to resolve the issue, and 24 percent of them said the concerns were adequately and promptly addressed. Some 37 percent said they quit their jobs, followed by seeking external counselling (37 percent), taking unscheduled leave (29 percent) and asked for a pay rise (15 percent).
Rules said, “It’s vitally important to seek support in difficult times. Whether this is a discussion with your colleagues, speaking to your manager or engaging with a mental health professional, the need to share and receive meaningful support is key to our ongoing wellbeing.
“Even if you’re the type of person who is self-sufficient and doesn’t experience workplace stress often, everyone needs, and benefits from, extra support from time to time. Prevention is always better than recovery.”
Allnut added, “The survey results clearly show how important a cyber-aware board and leadership team can be in reducing stress amongst their teams, and the need for managers to be better trained in how to address mental health in the workplace.
“If we don’t stand up and take action to improve mental health in our industry we face losing more talent and worsening outcomes for everyone.”
The survey polled 101 cyber security professionals sourced through Sekuro's LinkedIn page, the company's customer database and community partners including ISACA Sydney Chapter, Cyber Risk Meetup and MySecurity Marketplace. Some 12 percent of the respondents were from outside Australia, including Singapore, Japan, the United Kingdom, the United States and Canada.
The respondents were provided a $50 donation to a mental health charity of their choice per completed survey. Sekuro said it will donate $5,050 to mental health charities as part of the research, which will be split across Beyond Blue ($1600), R U OK? ($1900) and Black Dog Institute ($1550).
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
