Great Resignation Triggering Cybersecurity Overwork, Burnout

The Great Resignation is beginning to impact the cybersecurity industry, according to a new report by Cobalt.

The report, based on a survey of more than 602 cybersecurity specialists and software developers working at companies with more than 500 employees, points to a growing talent shortage within cybersecurity teams. Some 45 percent of respondents indicated their departments are wrestling with an employee shortage, while 11 percent expected a shortage to develop in the near-term.

And it’s not just a matter of the educational and training pipeline failing to deliver enough suitable candidates to the cybersecurity job market—some 84 percent of respondents said that someone on their team had quit within the past six months. Those quits put immense pressure on the remaining team to adequately monitor for vulnerabilities, respond to security incidents, and maintain their security standards.

On a personal level, limited staff and resources is also sparking burnout. Some 58 percent of respondents said they were experiencing it, and 63 percent their mental health had been impacted in some way—only slightly less than the number (64 percent) who said the same about their physical health. 

Over the past few months, other sources have pointed to the Great Resignation putting more pressure on the cybersecurity industry. A recent analysis by Cyber Seek, a job-tracking database developed by the Department of Commerce and CompTIA, found more than 597,000 open cybersecurity positions across the U.S. (with 38,600 open across federal, state and local government agencies).

“Over the last year or so it’s become clear that this is a seller’s market. The Great Resignation has exacerbated the already short supply of practitioners, and quality of life issues such as remote work and limited travel have been elevated in importance,” Mike Hamilton, a former CISO for the City of Seattle who is now the founder and CISO at security firm Critical Insight, told Dice. 

For cybersecurity specialists who are looking for a salary bump or better benefits, it’s potentially a good time to take interviews and explore offers. For those who decide to stick with their current teams, though, it’s also clear that a high rate of quits is producing burnout and other critical issues. Managers who oversee cybersecurity teams must do their best to ensure that their team members are communicating their needs and working on the best possible schedule. The organization’s security is at stake.