As ransomware and cyberattacks continue to wreak havoc on corporate networks, one third of cybersecurity professionals are considering leaving their role within the next two years due to stress or burnout, according to new research from email security company Mimecast.
The London-based firm’s research, “The 2022 State of Ransomware Readiness Report,” finds that 33% of cybersecurity decision-makers are thinking of leaving their role, and the same percentage say their teams experience an increased number of absences due to stress and burnout following an attack.
According to Mimecast, 54% say ransomware attacks have a negative impact on their mental health, and 56% say their role gets more stressful every year.
The report also dives into the factors leading to that stress, including an increasing rate of cyberattacks and more expensive remediations. More than three-quarters (77%) of cybersecurity leaders say the number of attacks against their organization has increased since last year or stayed the same, and nearly two-thirds say their organization has experienced at least one ransomware attack in the past year.
Mimecast’s report, a global survey of 1,100 cybersecurity leaders, also found that many organizations deal with long-term organizational consequences, including C-suite changes, which has affected 22% of businesses. In addition, 20% say they have been subjected to legal action because of the ransomware attack.
Brand reputation remains a big factor among tech leaders, as 53% say growing media coverage of ransomware attacks is leading to increased pressure to prepare and prevent such attacks. This becomes despite movements pushing back on “cyber-shaming” organizations that are compromised.
One major source of stress is budgeting and the cost of remediation cyberattacks, as 56% of attacks cost more than $100,000 in total, and with half of organizations allocating less than $550,000 to their annual cybersecurity budget, just one attack could consume 20% of the total budget, Mimecast says in the report.
Mimecast calls on organizations to do more to support their IT and security teams, including allocating a level of resource that aligns with the severity of threats faced by he organization.
In addition, the company recommends organizations integrate security tools to improve threat detection and response to help alleviate pressure, implement fundamental practices to reduce vulnerabilities and evaluate the organization’s business continuity planning to act quickly in the event of an attack.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!