Cynet revealed findings from its “Implications of Stress on CISOs 2023 Report.” The company surveyed chief information security officers (CISO) at small to midsize businesses with security teams of five employees or less to better understand their levels of work-related stress and how their mental health is impacting their work life and personal life. Cynet found 94 percent of CISOs report being stressed at work, with 65 percent admitting work-related stress issues are compromising their ability to protect their organization. Among the CISOs surveyed, 100 percent said they needed additional resources to adequately cope with current IT security challenges.
The lack of bandwidth and resources is not only impacting CISOs, but their teams as well. According to the report, 74 percent say they are losing team members because of work-related stress issues, with nearly half (47 percent) of these CISOs having more than one team member exit their role over the last 12 months. Relentless stress levels are also affecting recruitment efforts with 83 percent of CISOs admitting they have had to compromise on the staff they hire to fill gaps left by employees who have quit their job. More than a third of the CISOs surveyed said they are either actively looking for or considering a new role.
Key findings from the report include:
- 77 percent of CISOs believe that their limited bandwidth and lack of resources has led to important security initiatives falling to the wayside, with 79 percent of these CISOs claiming they have received complaints from board members, colleagues or employees that security tasks are not being handled effectively.
- 93 percent of CISOs believe they are spending too much time on tactical tasks instead of performing strategic, high-value work and management responsibilities. Among the CISOs who believe they are overly invested in tactical tasks, more than a quarter report spending their workday almost exclusively on tactical/operational tasks.
- 84 percent of CISOs say they have had to cancel a vacation due to an urgent work matter and 64 percent report they’ve missed a private event because of work fatigue. More than 90 percent consistently work 40+ hours per week with no break.
The major takeaway from the survey is that CISOs – and their teams – are suffering from overwhelming amounts of stress and it's affecting everything from the security of their company to their day-to-day work routines and, ultimately, their life outside of work. In fact, 77 percent of CISOs said that work-related stress was directly impacting their physical health, mental health, and sleep patterns.