Your biggest cybersecurity threat in 2022 may just be… burnout?


There might never have been such a ripe time to experience professional burnout. We’re rounding the corner into Year 3 of a global pandemic; we’ve spent much of the last two years in some form of lockdown, juggling a new working reality all while figuring out child care, education, you name it… add in trying to maintain some semblance of sanity? Forget about it. It’s no wonder that burnout is on the minds of workers and employers perhaps like never before. People are re-examining their lives and their priorities, especially their relationships to work, and it’s putting the squeeze to businesses everywhere as talented employees leave in droves. And even for your employees who are staying around, the signs of burnout are all around you if you take the time to look.

So what does this have to do with cybersecurity?

Burnout is real, and it’s a huge threat to your operational security

According to a survey of more than 500 IT decision makers by threat intelligence company ThreatConnect, 50% of private sector businesses already have gaps in basic, technical IT security skills within their company. What’s more, 32% of IT managers and 25% of IT directors are considering quitting their jobs in the next six months – leaving employers open to a cacophony of issues across hiring, management, and IT security. ThreatConnect’s research found that high levels of stress were among the top three contributors to employees leaving their jobs, cited by 27% of survey respondents.

So, burnout (and its related symptoms) could very readily impact your company from a staffing and HR perspective (if it hasn’t already). But the threat to your information environment isn’t just in losing talented staff, but real-time threat exacerbation as well.

Burnout makes your employees more likely to fall for cyberattacks

A study conducted by Tessian and Stanford University in 2020 found that 88% of data breach incidents were caused by human error. Nearly half (47%) cited distraction as the top reason for falling for a phishing scam, while 44% blamed tiredness or stress. (Again, fatigue and stress rearing their ugly heads)

Not only are threat vectors making spear-phishing campaigns more and more sophisticated, but they’re also targeting recipients during the afternoon slump, when people are most likely to be tired or distracted. Tessian’s data showed that most phishing attacks are sent between 2pm and 6pm.

While this is cunning manipulation, these stats show how vulnerable almost every business is… and that’s before we had a global pandemic to contend with!

Our cognitive load becomes overwhelming to the point of incapacitation when we’re burnt out. We can’t focus for long enough to make informed executive decisions in a mental state defined by burnout, which provides the most target-rich environment for threat vectors to succeed.

If our teams or staffers are feeling the weight of burnout, they’re far, far more likely to open your company up to a security risk or breach. And, if you’re not a large enterprise with an entire cybersecurity team on staff, it can be really hard to build the necessary security culture to avoid slip ups. And if/when a slip up does happen, you’re left holding the bag for loss mitigation and clean up.

That’s where we come in. While we most certainly can’t prevent all burnout from occurring within your organization, we can take the cybersecurity management functions off your plate. We manage our clients’ entire technology environment to ensure maximal uptime with minimal security risks. We stress test our clients’ systems and teams to identify weaknesses and plug them before they present opportunities for actual damage from threat vectors.

Most importantly, we let our partners focus on running their business because they know we have their back.

Drop us a line today, and let us show you how we can make your company’s life a lot easier