The battle to prevent cyber attack damage on company websites and infrastructure is taking a toll on cybersecurity staff, according to studies from Gartner and Splunk. (Source: Adobe Stock)

New Cybersecurity Threats Contribute to Employees’ Physical, Emotional Burnout

We stumbled on an article about the impact of cyber attacks in the workplace, and just what damage is being done physically and emotionally to people who work in cybersecurity.

Karl Greenburg, a cybersecurity expert, wrote the story for This website for professionals in high-tech provides a straightforward understanding of the problem for the public. The story details the results of data released by two tech consulting firms, Gartner and Splunk.

Gartner’s 2023-2024 cybersecurity outlook, which the consultancy presented this week, contains good news and bad. There has been a significant shift from three years ago when chief information security officers were struggling to exert board-level influence.

Partly due to emerging technologies such as Web 3.0, conversational AI, quantum computing, and supply chains, along with increasingly sophisticated attacks, security leaders now have more influence in the C-suite. However, as Craig Porter, director of advisory for Gartner’s Security Research and Advisory team said,

“Threat actors have access to powerful tools like ChatGPT, which can generate polymorphic malware code that can avoid detection, or even better, write a convincing email. What a fun time to be a security professional!”

More Sophisticated Threats

It didn’t take long for the bad guys to start using the very same ChatGPT that has taken the world by storm since last fall. And while it was expected, it is still surprising how quickly the criminals turned this amazing algorithm into a tool for illegal uses.

The stress that the new chatbots place on the actual human in charge of deflecting security breaches has greatly increased. While the war with hackers and senders of malware takes place digitally on electric wires, the generals running the operations have families they go home to every night. Their families are also seeing an increase in the health issues of these executives. And the predictions don’t look good for the next few years if they even stay on the job.

“The work stressors are on the rise for cybersecurity and becoming unsustainable. It seems like it’s always ‘good dog,’ never ‘great dog.’ The only possible outcomes in our jobs as security risk management professionals are either get hacked or don’t get hacked. That puts security risk management leaders on the edge of their limits with profound and deep psychological impacts that affect decisions and performance,” he said.

Privacy to Take Precedence

Gartner predicts that by 2024, modern privacy regulation will blanket the majority of consumer data, but less than 10% of organizations will have successfully made privacy a competitive advantage. He noted that, as the pandemic accelerated privacy concerns, organizations have a clear opportunity to strengthen business by leveraging their privacy advancements.

“Just as a general statistic to exemplify the growth of this trend, the percentage of the world’s population with access to several fundamental privacy rights exceeds that with access to clean drinking water,” he said.

“With more countries introducing more modern privacy laws in the same vein as the European Union’s General Data Protection Regulation, we have crossed a threshold where the European baseline for handling personal information is the de facto global standard,” said Porter. He counseled security and risk management leaders to enforce a comprehensive privacy standard in line with the General Data Protection Regulation. Doing so, he said, will be a differentiator for companies in an increasingly competitive market.

Second Study Sees Staffing Changes

An April study by security firm Splunk concurs with Gartner’s findings. In Splunk’s 2023 State of Security report:

Eighty-eight percent of respondents across North America, Western Europe, and Asia-Pacific reported challenges with cybersecurity staffing and skills.
Fifty-three percent said that they cannot hire enough staff generally, and 59% reported being unable to find talent with the right skills.
Eighty-one percent said critical staff member(s) left the organization for another job due to burnout.
Over three-quarters of respondents revealed that the resulting increase in their workload has led them to consider looking for a new role.
Seventy-seven percent said one or more projects/initiatives have failed.

If you are in the cyber security field or are considering a career in the field, then you should read this piece carefully. It is a bit technical but it is important information about how AI is having a direct effect on our lives in ways that we don’t completely understand yet. The upshot is that companies will need to change their cultures instead of putting all of the burden of cybersecurity on the people who do the checks and repairs.