Fight Staff Burnout: Cybersecurity Teams Overworked, Understaffed


Fight Staff Burnout: Cybersecurity Teams Overworked, Understaffed – Those working in the cybersecurity field have made it through this pandemic mostly unscathed. Businesses do still face the challenge to hire and retain new talent. continue at levels similar to years past.

According to a 2021 survey released by the Information Systems Audit and Control Association (ISACA®), “53 percent of the 3,600 information security professionals who participated in the survey indicated they had difficulty retaining talent last year during the pandemic—a four percentage point decline from the year before”. It is believed that due to the pandemic, many workers were not too fast to leave their current employers, coupled with the fact that many employers were allowing their workforce to work remotely.

Other interesting findings from the ISACA®’s State of Cybersecurity 2021:

  • 61 percent of respondents indicate that their cybersecurity teams are understaffed.
  • 55 percent say they have unfilled cybersecurity positions.
  • 50 percent say their cybersecurity applicants are not well qualified.
  • Only 31 percent say HR regularly understands their cybersecurity hiring needs.

To address the challenges that our industry face there are steps we can take to help keep cybersecurity professionals and the digital world healthy. The threat landscape is contently evolving, which can overwhelm employees in their day-to-day roles.

Backup teams

Consider rotating staff or outsourcing some of your security operations. This will allow your internal team to focus on priority security tasks, and training (addresses the need continuously upskill). Taking a break from the day-to-day operations will go a long way towards the mental and physical health of your staff.


Enhance your existing SOC’s effectiveness with expert incident response, forensics, remediation, proactive threat hunting and more.


Automate, automate, automate

When organizations automate repetitive tasks, it reduces its cybersecurity staff workload and frees up time, allowing employees to focus where they are most needed.


A little recognition goes a long way to boost morale.

  • Monthly company-wide recognition email. Managers and executives should take part in recognizing direct reports and employees.
  • A handwritten note from the CEO. Whether it’s a job well done, a wedding, work anniversary, or a birthday, a handwritten note from the top feels good. Recognizing an event with a note leaves a lasting impression.
  • Gift cards are great, what about a day off? An extra day off (make it a Friday and give them a 3-day weekend) helps staff to decompress. Want to make it extra special? Give them a gift card and treat them to lunch.

The goal is to impress the staff that they are valued and to release some of the pressure that weighs on cybersecurity professionals. Working in cyber brings with it many rewards, but it is a high-stress profession. To help fight off burnout which can lead to sloppy work as well as high staff turnover, businesses must create policies that are beneficial to the health and efficiency of their staff. Create a supportive culture and work environment and train managers to recognize the signs of burnout and provide the resources to address them.