Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      Trump tariffs could wreck South Africa’s vehicle manufacturing industry

      14 July 2025

      Legislative overhaul on the cards for South Africa’s ICT sector

      14 July 2025

      The 1940s visionary who imagined the Information Age

      14 July 2025

      Microsoft South Africa to get new MD as Lillian Barnard moves to regional role

      14 July 2025

      Zuckerberg used open source to scale AI – now the lock-in begins

      14 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025

      Grammarly acquires e-mail start-up Superhuman

      1 July 2025

      Apple considers ditching its own AI in Siri overhaul

      1 July 2025
    • In-depth

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025
    • TCS

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025

      TCS+ | First Distribution on the latest and greatest cloud technologies

      27 June 2025
    • Opinion

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Information security » The greatest cybersecurity threat of all

    The greatest cybersecurity threat of all

    By Steve Jump3 June 2020
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    It is common knowledge that there are too few information security professionals to meet the demands of business. Estimates are that for every qualified information security practitioner on the market in 2020 there will be at least three vacant positions for them to choose from.

    Information security as a choice of specialisation is now a hot topic because it pays really well — quite possibly the highest starting and career salaries in the IT professions. The lucrative salary, however, can come at quite a personal cost.

    That earning opportunity is attracting a lot of otherwise normally IT-capable people into considering security as a specialised discipline. Companies are paying more to attract and retain these skills. In spite of these lucrative opportunities, why is it that so many experienced security professionals are leaving their current employers?

    Although burnout is common in high-pressure industries, the pressures that security professionals are exposed to can take this to a new and disturbing level

    IT has always been a high-stress profession, but information and cybersecurity specialists and executives are currently seen as the most likely subjects to experience burnout. Although burnout is common in many high-tech, high-pressure industries, the pressures that security professionals are exposed to can take this to a new and disturbing level.

    One reason for this is too few security specialists, as everyone who is able to deliver a competent cybersecurity function will be overworked — nothing new there in the IT space. But, apart from the brutal and merciless 24×7 “fix it now” ethos common to IT, cybersecurity practitioners have another equally challenging problem to contend with.

    Cybersecurity in principle is about detecting and defending your company from active attacks by cybercriminals. It is an unending, intense and technically demanding process. This continual and aggressive attack, however, triggers an equally intense response in the best security practitioners; where their understanding and dedication can lead them to take a strong personal and emotional position in defence of their companies.

    Underappreciated, overworked

    Often overworked, underappreciated, frequently blamed for that one failure out of a hundred unacknowledged successes, rarely appreciated by the very business that they protect; these emotionally engaged front-line cyber warriors, whether at a network technical level, security operations executive, or at CISO level, can easily fall prey to a level of PTSD that can lead to serious burnout.

    The very dedication that can make these professionals such an asset can become their Achilles’ heel, the best of the best do take cybersecurity extremely personally. This professionalism is their secret power. But no one has an infinite reserve of power, and even as highly paid as these professionals are, their employers frequently fail to invest in their emotional and physical well-being.

    Cybersecurity is an adversarial environment. It requires suspicion, intuition, intelligence, research and dedication to function well within this space. Due to its confrontational ethos, it also requires stress management techniques that rarely exist outside of the military, and almost never in a corporate environment.

    The author, Steve Jump, argues that companies should invest in helping their people cope with stress

    The first signs of trouble within your security team can appear in the least expected places. Any cybersecurity manager will have seen this happen, but may not have fully understood the causes. If your job requires that you suspect everything, trust no one until verified, and assume imminent attack at every corner, then as your stress increases your ability to leave this suspicion at the office begins to fail. The level of security intensity required at work as a cybersecurity professional is completely toxic to personal and family relationships. The first signs of trouble are broken relationships and divorces.

    Some 90% of security professionals at a CISO level report that they suffer moderate to high levels of stress; 60% report that they have trouble switching off and cannot easily disconnect their business stress from their personal lives.

    Given the investment, and dependence, that many organisations have on a functioning and reliable cybersecurity team it is surprising that so few have any formal stress or counselling programmes for their “most valuable players”. Many companies would state that they have available counselling, but then confirm that it is voluntary.
    Under voluntary participation conditions, even if top-level counselling were available, there is stigma attached to it and most would decline – even the wise few that recognise the symptoms of PTSD.

    If you want to have skilled cybersecurity executives it makes sense to start this level of support with your most junior recruits

    If these cyber warriors – those that fight for you in cyberspace – were employed in any other adversarial profession (for example in the police, army, or even in a football team) they would have mandatory counselling sessions. No choice means no stigma.

    Might it be time to consider this in business? If your business really needs the skill and diligence of these highly-expensive-to-recruit and highly-expensive-to-retain professionals, then should it not also ensure that it provides them with the counselling, support and stress protection commensurate with that value? This is not an executive level problem; if you want to have skilled cybersecurity executives it makes sense to start this level of support with your most junior recruits.

    The secondary cost of the loss of these professionals is perhaps even more disturbing: they do not just withdraw from security. Their experience of burnout is more brutal than most, and the need to recover themselves means that they often change career and are not willing to share or teach their hard-earned cybersecurity experience to the already under-supplied next generation.

    • Steve Jump is outgoing head of corporate information security governance at Telkom


    Steve Jump top
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleHuawei covered up business dealings in Iran, documents show
    Next Article Backspace: ‘The new normal’

    Related Posts

    18GW in unplanned breakdowns cripple Eskom

    2 November 2021

    Nersa kicks the Karpowership can down the road

    13 September 2021

    If you think South African load shedding is bad, try Zimbabwe’s

    13 September 2021
    Company News

    Banking on LEO: Q-KON transforms financial services connectivity

    14 July 2025

    The future of business calling: Voys brings your landline to the cloud

    14 July 2025

    How digital twins and AI are shaping the future of security

    14 July 2025
    Opinion

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.