Now that the calendar has flipped to November, the end of the year is in sight. It’s a popular time for friends and family to gather for the holidays, yet unfortunately, it’s also a popular time for cyber attackers to ramp up their exploits. Our thoughts turned to the cyber professionals on the front lines. What compromises do they feel pressured to make in their work-life balance to keep their companies secure? How often does their work actually impinge on their personal time?
To better understand the toll that cybersecurity takes on practitioners, Centripetal conducted a survey at InfoSec World 2023, and various cybersecurity events in the UK and Ireland. The goal was to discover how much personal time was lost – or to borrow a term from our own industry, compromised – and to understand the reasons behind it.
While not surprising to anyone working in cyber, the results illustrate just how intrusive an always on security culture has become. Of the security professionals surveyed, 90% reported that they checked email, Slack and other forms of work communication when they were on vacation. Only 9% said that they never checked these communications.
This reveals that even when employees are utilizing their legitimate right to time off work, they are unable to completely switch off from their job. Alarmingly, this problem is not just limited to the holidays or a summer vacation. Almost a third (32%) of the cybersecurity professionals we surveyed said their personal lives are interrupted by work every night. This number rises to 70% when asked if they are impacted at least once a week.
The fact that so many employees find that their cybersecurity jobs regularly interfere with their personal lives implies a crisis of work-life balance in our industry. Every security professional surveyed works in their personal time – almost a fifth (18%) of security professionals are working over a full day’s worth of unpaid overtime (8+ hours) a week.
What’s driving the long hours? Loyalty to the company is the reason why almost half (46%) of security professionals work these long hours. Just under a quarter (23%) said increased cyber threats were the reason. Another 16% said inadequate staffing, and one in ten claimed they were the only one who could do the job.
What Can be Done?
Clearly, these results present not only a social problem but a security concern. We know that an appropriate work-life balance can reduce stress, improve emotional states, and increase overall employee productivity and satisfaction. It’s vital for companies to create a culture where employees can switch off without feeling guilty or under pressure.
It’s inspiring that the most significant reason cybersecurity professionals engage in out-of-hours work is because of loyalty to their company. Not only should companies work harder to encourage their employees’ work-life balance, they should also consider how to mitigate their workload. One way to do this is to ensure that adequate tools and solutions are in place to offload more of the day-to-day security tasks. Automating or outsourcing tasks can give staff the confidence to truly switch off and take a well-earned break.
To learn more about how Centripetal can help your security staff achieve a better work- life balance, get in touch.