The Hidden Crisis: How Stress is Forcing 1 in 4 Chief Information Security Officers to Quit

A Chief Information Security Officer (CISO) has always had huge responsibility. But with increased cyberthreats and a growing workload, security leaders are under siege. According to research we recently commissioned, 1 in 4 CISOs are considering quitting their jobs within the next six months, and 54% are open to new opportunities. The stress and inadequate support from organizations is driving this crisis.

Another important finding is that job-related stress and demands of the job are leading 93% of security leaders to consider quitting. The typical workweek for these leaders is also telling, with nearly all (98%) admitting to working beyond contracted hours, many clocking 9 extra hours a week on average. Alarmingly, 15% of those surveyed work over 16 extra hours a week.

CISOs are also under pressure because cyberthreats themselves are evolving at a frightening rate. Malware and ransomware attacks account for more than a third of the respondents’ anxiety (37%). 42% of security leaders worry about AI-powered cyberattacks as AI becomes more common for attackers. A quarter also said data exfiltration was a growing threat, given that ransomware tactics increasingly involve stealing sensitive information.

The study also examines how security leaders are managing—or struggling to manage—their stress. On the positive side, 86% of participants engage in physical activities, recognizing that exercise improves their well-being. Among those surveyed, 75% reported getting enough sleep, and 82% said they set boundaries between work and personal time.

However, not all coping strategies are healthy. In the past year, some respondents admitted to using drugs or alcohol to alleviate job-related stress, while 69% said they withdrew from social activities. These troubling statistics highlight the mental health challenges many CISOs face in balancing work and family life.

Despite these challenges, there is evidence that some organizations are taking steps to support their security leaders. Nearly two-thirds of the respondents reported receiving practical support from their employers, such as flexible working hours (65%) and the ability to work remotely or in a hybrid model (62%).

However, there is still room for improvement. Many CISOs feel that their organizations could be doing more to ease the burden. The survey found that 41% of security leaders are calling for increased budgets to invest in the tools they need to defend against evolving threats, and 40% want more time to focus on addressing serious security issues.

The findings from our research paint a clear picture of a profession on the brink. Security leaders are facing an overwhelming combination of stress, long hours, and evolving cyberthreats.

Without more support from their organizations, many will walk away, leaving companies vulnerable and scrambling to fill the gap. To prevent this exodus, organizations need to invest not just in cybersecurity tools designed to combat new AI-based threats, but also in the well-being of their leaders.

Founded in 2015, BlackFog is a global cybersecurity company that has pioneered on-device anti data exfiltration (ADX) technology to protect companies from global security threats such as ransomware, spyware, malware, phishing, unauthorized data collection and profiling. Its software monitors enterprise compliance with global privacy regulations and prevents cyberattacks across all endpoints. BlackFog uses AI to preemptively prevent hackers from exploiting vulnerabilities in enterprise security systems and data structures.

BlackFog recently won the “Best Threat Intelligence Technology” in the 2024 Teiss Awards, “Data Leak Detection Solution of the Year” award in the CyberSecurity Breakthrough Awards, as well as a Gold award in the Cybersecurity Excellence Awards for Best Virtual CISO Offering, a Silver award for Ransomware Protection and Most Innovative Cybersecurity Company in 2023. BlackFog also won a Globee award in 2023 for the State of Ransomware report which recognizes outstanding contributions in securing the digital landscape.

BlackFog’s preventative approach to security recognizes the limitations of existing perimeter defense techniques and neutralizes attacks before they happen at multiple points in their lifecycle. Trusted by corporations all over the world, BlackFog is redefining modern cyber security practices. For more information visit https://www.blackfog.com