ISACA: Cybersecurity Job Stress Gets Worse

Two-thirds of cybersecurity professionals say job stress is growing, according to a recent study by ISACA, a Schaumburg, Illinois-based technology trade association.

In an annual survey of more than 1,800 cybersecurity pros, 66 percent reported an increase in stress over the last five years, largely driven by increasingly complex threat landscapes (81 percent), low budgets (45 percent), hiring/retention challenges (45 percent), insufficient training (45 percent), and inadequate management prioritization of cybersecurity.

Meanwhile, 38 percent of organizations are experiencing increased cybersecurity attacks, compared to 31 percent a year ago. These top attack types include social engineering (19 percent), malware (13 percent), unpatched system (11 percent) and Denial of Service (11 percent). Nearly half (47 percent) expect a cyberattack on their organization in the next year, and only 40 percent have a high degree of confidence in their team’s ability to detect and respond to cyber threats.

“Social engineering attacks, such as phishing, are a growing concern for organizations as human error remains a major factor in data breaches,” said Mike Mellor, VP of Cyber Operations at Adobe, the sponsor of the report. “With the increasing frequency and sophistication of these attacks, it’s essential for organizations to adopt secure authentication methods to strengthen their defenses. Adobe believes that fostering a deep security culture among all employees through anti-phishing training, combined with stronger controls such as zero-trust networks protected by phishing-resistant authentication are essential in safeguarding any organization.”

Employers seeking qualified candidates for open roles are prioritizing prior hands-on experience (73 percent) and credentials held (38 percent). Respondents indicate that the main skills gaps they see in cybersecurity professionals are soft skills (51 percent)—especially communication, critical thinking and problem solving—and cloud computing (42 percent).

For the more than half of survey respondents (55 percent) that reported having difficulties retaining qualified cyber candidates, the main reasons for leaving included being recruitment by other companies (50 percent, down eight points from 2023), poor financial incentives (50 percent), limited promotion and development opportunities (46 percent), and high work stress levels (46 percent).

Channel Impact^®
Partners can help companies to address the issues around occupational stress, and explore ways to support staff before burnout and attrition occur.