What’s the biggest contributing factor to burnout on SecOps teams in your experience?

3.6k views12 Comments

Senior Information Security Specialist in Transportation, 5,001 - 10,000 employees
Managers are understandably wary of giving too much decision-making power to junior employees with limited skills, but they won't thrive if they don't give them any opportunity to try new ideas.
Asst. Director of IT in Software, 51 - 200 employees
Appoint a appreciate talent, training and awareness to the users.
Director of IT in Healthcare and Biotech, 1,001 - 5,000 employees
Imbalance between personal and work-life is biggest contributing factors. Manages expect too much and too quick response on an incident. expectation of working 24x7x365 in SecOps function isn't practical and sustainable. We should depend upon more on tools, automation and AI to predict and incident and response. Human should not be involved at every first point of operations. 
Director of IT in Education, 5,001 - 10,000 employees
Security Operations Team are constantly on call and working all hours of the day, a lot more than other IT personnel. In addition, they are constantly short staffed because it is hard to find skill sets in security, coupled with budget constraints or lack of investment in security. As a result, this leads to burnout in security personnel. Senior management has to recognize the important functions security personnel perform and ensure adequate funding and appropriate numbers of personnel to address security in the organization.
Director of IT in Services (non-Government), 5,001 - 10,000 employees
Working in infosec makes it practically impossible to avoid burnout since it is hard to combine work and personal obligations. Our industry prohibits it.

If burnout is not handled, industry employees begin exhibiting additional symptoms including sadness, anxiety, and/or serious hazards to their physical health.
Director of IT in Services (non-Government), 5,001 - 10,000 employees
SecOps teams are under a lot of pressure to protect businesses from new threats since hackers are constantly changing their attack methods. Dealing with the constant onslaught of threats is more difficult when teams are working with siloed technology and are regularly overworked.

Burnout occurs in every profession occasionally. But during the past year, the need for cybersecurity has grown significantly, leaving many of them feeling worn out. When burnout sets in, it could be difficult to mentally return to a former state of being. But it's not likely. Therefore, it is important for cybersecurity firms to address burnout and take steps to both avoid 
Director of IT in Education, 11 - 50 employees
The main causes are an imbalance between personal and professional obligations. Managers want an excessively speedy and thorough response to an issue. Working 365 days a year in the SecOps position is not realistic or sustainable. For incident and response prediction and automation, we should rely increasingly on tools and AI. There shouldn't be a human there at every first stage of a procedure. Appoint a user who values talent, education, and awareness.
Director of IT in Education, 51 - 200 employees
Since hackers are continually modifying their attack techniques, SecOps teams are under a lot of pressure to safeguard enterprises from new dangers. Working with segregated technology and frequently being overworked makes it harder for teams to deal with the constant barrage of threats.
AVP of IT in Banking, 10,001+ employees
Threat Intelligence collaboration
Adaptive Security for new Threats
Integrating Security Operations with other tools
Training and Upskilling
Diversifying Hiring
reduce longer hours than most industries.
Lack of investment in security Teams.
The lack of resources on security teams.
Recognition and respect
Director of IT in Services (non-Government), 51 - 200 employees
Definitely the lack of understanding of management regarding IT Security:
Management wants that everything just runs and generates profit, while SecOps needs to make sure that everything runs securely. We had many discussions now regarding improving security within the company (we are in the process of getting TISAX certified) and one of the steps was to implement MFA, which was a huge pain in the butt to explain the huge advantages to the employees. 

Another thing is work-life balance. SecOps need to be constantly on duty during working hours, keep documents tidy, check back with employees, reevaluate workflows and even be semi-available for emergencies/data breaches, it can really be an unforgiving position.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
40.8k views131 Upvotes319 Comments

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks58%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%

Not planning to change endpoint security strategy10%



Community User in Software, 11 - 50 employees

organized a virtual escape room via https://www.puzzlebreak.us/ - even though his team lost it was a fun subtitue for just a "virtual happy hour"
Read More Comments
6.8k views25 Upvotes58 Comments