It’s no secret that the security leaders, especially chief information security officers (CISOs), have one of the most stressful jobs in the C-suite. They are bumping up against high demand, high risk, and often unrealistic expectations for their work. As we see security leaders leaving the profession, citing burnout as a key contributor, and a talent shortage to fill these vital roles to keep organizations safe, we find ourselves amid a mental health crisis for CISOs and other security leaders.
I first started writing about this crisis at the beginning of the year in a two-part series for Dark Reading (Part 1, Part 2), which was then followed by a webinar discussion I had with my colleague Mike Anderson and Neuroscientist Marcia Goddard. It’s clear that the external expectations and compounding risks are driving security leaders to the point of burnout, which I addressed in recent articles at HelpNet and VentureBeat.
Shining a light on this industry-wide problem and starting conversations about shared experiences is just the beginning though. While more PTO and taking time to disconnect is one suggestion many make, we need to take it a step further.
Beyond what I’ve written and spoken about already, I’ve had conversations with a number of CISOs who are running into these situations too and looking for options to help. With a talent shortage in the industry, and burnout on the rise, security leaders’ mental health and well-being should be just as big a priority to an organization as having the right technology in place to make sure their sensitive data is properly secured. There need to be resources available for security professionals to turn to help them manage the high levels of stress that come with their position and help them to prioritize their own well-being. I see this as a holistic balance between mental health and technology.
From my view, the next step in this journey to findi