The Mental Health of IT Decision-Makers Suffers in Cybersecurity

Published on
it decision makers and mental health

London, 19 Dec, 2023 – Integrity360, one of the leading pan-European cybersecurity specialists, has today announced findings from independent research into mental health and well-being amongst IT decision-makers. The survey of 205 IT security decision makers was conducted between 9th-14th August 2023 and provides a worrying insight into the mental well-being of those in the cyber security industry and the concerns around how budget restraints and the challenging economy have impacted mental health. 

Almost 60% of surveyed IT decision-makers agreed that budget cuts have negatively impacted their mental health and well-being. To add to that, 55% noted that the current economic climate has reduced access to mental health and well-being resources within their organisation. 

It would seem that protecting sensitive data (48%) is the biggest cyber security challenge keeping IT decision-makers awake at night, followed by managing risk and compliance (28%), defending identities (26%), ransomware (25%) and securing cloud environments (23%). Secure IoT and OT environments (20%), expanded attack surfaces (19%) and security consolidation (18%) are also cause for sleepless nights.

For CIOs specifically (30%), their concerns over security consolidation were somewhat higher than others such as information security analysts (14%) and CTOs (18%) that were surveyed. This is likely due to their direct involvement in managing the process, as businesses continue to tackle solution sprawl and consolidate the security tools they have deployed to maintain control and visibility over their networks. 

Whilst ransomware ranked below protecting sensitive data, the ransomware resurgence in particular, was cited by 57% as having negatively impacted the mental health and well-being of those surveyed.

“Ransomware is still proving to be a lucrative means of attack and new techniques such as double extortion are just another example of why businesses should be prepared for the when and not if”, said Brian Martin, Head of Product Development, Innovation and Strategy at Integrity360

"Ransomware operators using extortion as opposed to ransoming data means they no longer need to encrypt the data they steal, and it’s now morphed into data theft. Businesses need to be prepared that these tactics will continue to evolve and have the necessary teams and processes in place. A dedicated IR team will relieve the pressure and strains placed on businesses trying to keep pace with attackers.” 

Worryingly, 63% of those surveyed noted that their work within the cybersecurity industry increased their stress and anxiety. The good news however, is that almost 70% highlighted that their organisation provides adequate support for their mental health and well-being. Despite this, a significant majority (75%), said they would like to see more investment in mental health and well-being resources.

"Cybersecurity budgets have always been challenging and this year has certainly tested many businesses. A myriad of issues from budget, economic downturn and skills shortage have all impacted the workload placed on those tasked with tackling cyber threats and compliance and it’s no surprise this is having a detrimental effect on mental well-being. 

“Businesses need to find solutions to support their employees and ensure that the systems they are working so hard to secure are up to the task. Enlisting third-party help or outsourcing to an MSSP could be a good place to start,” added Martin.