The IT industry is currently running on about two-thirds of the human resources it needs. Due to this shortage of capacities, the risk of burnout is high. Many IT teams now work under huge amounts of stress and are overwhelmed by tasks. What should you as a CEO or as a business manager do to enhance your IT team’s well-being?
Most business owners are aware of the importance of digitalization. Nevertheless, sometimes they forget that the more processes and parts of their company turn online, the greater the burden on digital security and other IT experts. Nowadays, the expertise of IT admins and other specialists reaches far beyond just setting up printers or helping employees with trivial internet-related issues. Their role has become central, since they now also protect the business systems and continuity from malicious actors.
is how much the number of unfilled cybersecurity jobs grew from 2013 to 2021
Source: Cybersecurity Ventures, 2021
of security professionals report feeling burned out
Source: 1Password, 2021
The higher the importance of digital security, the higher the demand for IT experts is. In recent years, hiring has become a challenge, since there is a huge shortage of talent on the market. Therefore, it is crucial for companies that have been lucky to find highly skilled IT specialists to take their IT team’s well-being into account and prevent burnout, which might result in job-quitting or low performance of the specialists.
This phenomenon is nothing unusual these days. As stated by the software company 1Password, 84% of security professionals report feeling burned out. Also, one in three workers say burnout is affecting their initiative and motivation levels. “Widespread burnout among employees, and security professionals in particular, is leaving organizations dangerously vulnerable to cybersecurity attacks,” explains the 2021 States of Access Report. “The issue, in my opinion, is a combination due to the lack of experienced talented people, the accelerated digital transformation we have witnessed in the past two-plus years, and the never-ending barrage of cyberattacks that cybersecurity teams are required to deal with,“ says Tony Anscombe, ESET Chief Security Evangelist.
Common signs of burnout
- Feeling tired or drained most of the time
- Feeling helpless, trapped, and/or defeated
- Feeling detached/alone in the world
- Having a cynical/negative outlook
- Procrastinating and taking longer to get things done
- Feeling overwhelmed
Source: Mental Health UK
According to Stacy Thayer, Professor of Cyberpsychology at Norfolk State University, stress and burnout can lead to mental fatigue, which can negatively impact motivation and engagement. “It can also cause diminishing focus and performance levels, and have a negative impact on operational security, satisfaction, and performance, both in the office and at home,” states the specialist.
On the contrary, according to Oxford University, happy employees are 13% more productive at work. So, what can you do to make your IT team feel good and enable them to do their job the best they can?
1. Hear out your IT team and provide them with a sufficient budget.
To be able to identify the latest trends in digital security, implement relevant data protection strategies, and perform its job with self-confidence, the IT team needs a corresponding budget. Whereas some CEOs are aware of this fact, others still fail to recognize the importance of adequate financial support and investments in effective cybersecurity software, and other measures.
Although cybersecurity spending is growing worldwide, some areas of cybersecurity tend to be underestimated, such as the BYOD (Bring Your Own Device) policies. If your IT team identifies such gaps in your infrastructure, trust their expertise and provide it with an appropriate amount of finances to solve the problem. The costs of a cyberattack caused by such vulnerabilities are usually much higher than the investment in prevention.
of IT professionals say that investment in IT security in their company has not kept pace with the changes to their operational model
(*Depending on the country)
of IT professionals say that budget limitations and lack of investment are among the top three challenges within SMBs’ IT departments
2. To ease the IT team’s stress, try outsourcing.
Are your IT experts indicating that they’re overloaded with work? Maybe it’s time you let them focus on the most crucial or strategic tasks and outsource the daily agenda. There are many external companies that can help take care of your cybersecurity needs. For example, you can reach out to an MSP (Managed Service Provider), as responsibilities such as server, router, and firewall monitoring can be handed over to these external experts.
“Whether you’re an NGO, a car dealership, or a gaming studio, an MSP can help you focus on your core competencies, while they take care of the day-to-day agenda, like monitoring firewalls and security logs,” explains Charles Weaver, co-founder and CEO of the MSPAlliance. “On top of internal requests, updates, and projects, the IT administrators should focus on the company’s IT strategy and business issues. It’s natural that they can’t do it all, and that’s when an MSP can step in.”
Burnout identifiers related to IT and cybersecurity
- High levels of mental workload
- Anticipation of cyberattacks
- Shortages in staffing and increases in workload
- Struggles to find one’s place within an organization
- Work is often not appreciated in the organization
Source: Thayer, Stacy, 2022
3. Lower your requirements for cybersecurity jobs.
There is also another possibility, a way to raise the capacity of your IT team while also avoiding the burnout of your experts. How? Lower the requirements for cybersecurity jobs. “Many companies require candidates to be educated on a high level, hold an industry recognized cybersecurity qualification such as CISSP, and to have 3–5 years’ experience,” says ESET cybersecurity expert Tony Anscombe.
In his view, these requirements are at least partially to blame for the unfilled cybersecurity positions. “Get some of the less experienced but interested and keen into the workplace for them to gain that experience and to become the expert talent needed to defend against the attacks of the future,” adds Anscombe.
Commonly found solutions for burnout
- Change work patterns: work less, take more breaks, avoid overtime work, balance work with the rest of one’s life
- Develop coping skills: stress management, take a vacation, set boundaries
- Obtain social support: interaction with friends, colleagues, and family
- Relaxation strategies: meditation, breathing exercises, new hobbies
- Promote good health and fitness: work out, eat right, get good sleep
- Develop a better self-understanding: use various self-analytic techniques, counseling, therapy
Source: Thayer, Stacy, 2022
4. Invest in technical tools that ease the IT manager’s work.
Many cybersecurity teams rely on manual monitoring or reporting, and they are overwhelmed by the number of false positives and other redundant notifications. Not only outsourcing but also implementing effective technical tools can help if you wish to relieve your IT team from repetitive work to help them concentrate on more important tasks and to prevent human error. Try to look for reliable automated tools.
5. Bring organizational transparency and talk about burnout openly.
Build a company culture, in which overworking is not glorified and the work-life balance, as well as self-care, are encouraged. If your employees, including IT specialists, can talk about their emotions and feelings openly, you might also be able to spot the first signs of burnout and take action to provide your co-workers with appropriate support. Because, in tough times, a supportive leader is of the highest importance.