Data breach epidemic takes its toll

New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t getting adequate time to relax.

  • 2 weeks ago Posted in

Splunk has revealed in a new survey that significant numbers of Chief Information Security Officers (CISOs) in the UK have suffered from stress and other negative emotions during 2024 as a result of their roles.

Splunk’s report shows that 35% of UK CISOs have experienced overwork or stress regularly over the past year. Twenty-three percent are actively looking for new roles: a fact that should be of concern for businesses as they look to get to grips with escalating cybersecurity attacks.

Key findings:

UK CISOs, and the teams they manage, have their work cut out for them. According to this year’s UK Government Cyber Security Breaches Survey, the amount of UK businesses suffering a cyber-attack or security breach rose from 39% to 50% in the last 12 months. Splunk’s survey suggests that CISOs are feeling the burn:

87% of CISOs think their role has become more challenging than the same role two years ago

The top-ranked way they felt their role had changed (at 33%) was that it now involved “a faster pace”

35% of CISOs reported regularly experiencing the negative emotions “overwork or stress” in the last year

27% have searched for a new role during the past year, while 23% are currently looking for new opportunities

The top drivers for looking for new roles include stress (44%) and declining mental health (28%)

Sleepless nights for CISOs

Splunk’s survey also indicated that a number of CISOs are experiencing negative effects on their health and wellbeing, particularly when it comes to their lack of rest and recovery. Half of UK CISOs are getting an average of six hours (or less) sleep per night, falling well below NHS guidelines. Almost two-thirds of respondents (63%) feel they lack sufficient time to recharge and maintain work-life balance, and over three-quarters (76%) did not take their full allocation of holiday in the last year.

Work demands are also having an impact on UK CISOs’ personal lives. A third (32%) have missed family engagements due to the demands of their roles and 33% believe that taking a whole weekend off without working is ‘unrealistic’.

The future of cybersecurity under threat?

There are also worrying signs for the wellbeing of cybersecurity teams more broadly.

Over one-third (34%) of CISOs reported observing signs of stress in those they manage, and 34% witnessed evidence of burnout within their teams. With increased cybersecurity headlines and reporting, 31% of CISOs expressed concern that the stress of their teams’ experiences will directly impact business operations and security posture.

For an industry that is already struggling to fill critical skills gaps, the findings cast doubt over the ability of businesses to simply retain their existing cybersecurity talent in 2025, let alone build teams capable of protecting them from cyber threats in the future.

Interestingly, despite clear signs of stress amongst a significant number of CISOs and their teams, fewer than half of the businesses surveyed (36%, according to UK CISOs) provide (or fund) access to mental health services or other wellbeing services.

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with...
Kyndryl and WPP, the creative transformation company, have created a modern, digital workplace...
The majority (87 percent) of IT professionals agree that there is a lack of gender diversity in the...
PagerDuty has released a study that reveals service disruptions remain a critical concern for IT...
NVIDIA continues to dominate the AI hardware market: powering over 2x the enterprise AI deployments...
Skillsoft has released new research exploring organizations’ strategic priorities for 2025 and...
Only 45% of business data is fully utilised in decision-making, while 34% of business leaders state...