- Two-thirds of cybersecurity incident responders have experienced stress or anxiety in their daily lives due to their profession, according to IBM Security’s Incident Responder Study released Monday. More than 4 in 10 respondents reported extreme or considerable mental strain after responding to a major cybersecurity incident.
- Nearly two-thirds said they have sought mental health assistance as a result of responding to cybersecurity incidents. But the majority of responders, more than 4 in 5, reported they have adequate access to these support services.
- Ransomware exacerbates the stress and psychological demands of cybersecurity incident response, according to the survey respondents. More than 4 in 5 attributed additional stress to ransomware.
Cybersecurity incident response is a high-stress, high-demand job that has a negative effect on mental health and wellbeing.
Despite those impacts, incident responders overwhelmingly cite a sense of duty and opportunity to protect organizations as the leading factor that attracted them to the profession, according to IBM Security.
Stressors in the field are abundant with ransomware, long work days and responsibilities spread across multiple overlapping incidents reported as the most common.
More than two-thirds said it’s very or somewhat common for them to be assigned to at least two incidents that overlap. More than half said they work 8 to 12 hours per day and more than one-third of responders reported working at least 13 hours a day.
Incident responders also reported bouts with insomnia and burnout at rates of 30%, and 29% said their work has had an impact on their social life and personal relationships.
Many of these issues are common throughout the cybersecurity landscape and can be long-lasting.
“There's just certain foundational, fundamental attack mechanisms that are used again, and again and again,” Ed Skoudis, president of SANS Technology Institute, said in a previous interview.
“That can lead to burnout and frustration when you start this industry, bright eyed and bushy tailed, and then you realize you're 10 years in and it's just as vulnerable or more vulnerable than before,” Skoudis said.
IBM Security, for the report, commissioned Morning Consult to survey more than 1,100 cybersecurity incident responders across 10 countries in July.