Are you going to burn out?

Welcome to the new 88 cyber warriors who joined us last week. Each week, we'll be sharing insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA stages.

Keep up with our weekly newsletters on LinkedIn — subscribe here.

This week we’re focused on…

Burnout in cybersecurity. 

Why? 

Because when we interviewed Dr. Leila Taghizadeh (CISO, IberoLatAm and Global Head of Cyber Risk at Allianz), she said:

“Cybersecurity is often a thankless job because the role is about prevention. When things are running smoothly, nobody notices the hard work being done. But the moment there’s a breach, the blame falls on the cybersecurity team.” 

And it appears that the problem is getting worse. 

The new 2024 State of Cybersecurity survey from ISACA (a global professional association that aims to advance trust in technology) has found that 66% of cybersecurity professionals say their role is more stressful now than it was five years ago. 

Why is stress in cybersecurity increasing? 

The ISACA study surveyed over 1,800 cybersecurity professionals, and uncovered several key reasons for the increased stress:

• 81% of respondents put it down to an increasingly complex threat landscape.
• 45% cited low or inadequate cybersecurity budgets – and only 37% expected that budgets will increase in 2025.
• 45% said that hiring and retention challenges are getting worse. Of those seeking qualified candidates at the time of the survey, 73% said they’re prioritising previous hands-on experience.
• 45% reported insufficiently trained staff.
• 34% said stress was caused by a lack of prioritisation of cybersecurity risks.

Burnout is a growing risk

Arguably, burnout is a cybersecurity risk in its own right – with stressed out, exhausted and overworked professionals less likely to perform to their full capacity, and more likely to make mistakes. 

So increased stress in the sector means that burnout is a growing risk to security. 

“Without a doubt, burnout and stress are massive issues in the cybersecurity space,” said Dr. Taghizadeh.

“Over the years, I’ve seen this pressure mount to unprecedented levels. It's no longer a question of ‘if’ there will be a new threat – it's a constant stream of high-stakes situations, where even a single oversight can have disastrous consequences. Cybersecurity professionals are the frontline defense, and that responsibility is heavy. The pressure is unrelenting, and the demands on these teams only seem to grow as threats evolve.”

It’s time for cybersecurity leadership to get proactive about stress 

We can’t just hope for the stress to go away. As the threat landscape continues to evolve, and organisations continue to place greater strategic importance on the quality of their cybersecurity operations, the pressure on cybersecurity teams is only going to intensify. 

So leaders have to get proactive about stress and burnout. 

“First and foremost, mental health needs to be a priority,” urged Dr. Taghizadeh. “Encourage regular breaks, adopt flexible schedules, and ensure teams have access to mental health resources. Automated tools can help ease the load by managing routine tasks, freeing up professionals to focus on more strategic, high-impact work.” 

And in an industry where hard work often goes unnoticed or under-celebrated, she also stressed the critical power of recognition:

“Cybersecurity teams need to feel valued for the work they do every day, not just when there’s a breach.”

To make that happen, we need more transparency within organisations about what success looks like, and better frameworks to recognise and mark the hard work of cybersecurity professionals. They need to get credit for their efforts – otherwise the stress builds up, with no release. 

“When teams know their efforts are seen and appreciated, it goes a long way toward mitigating the stress they feel.”

Do you have an idea for a topic you'd like us to cover? We're eager to hear it! Drop us a message and share your thoughts. Our next newsletter is scheduled for 01 January 2025.

Catch you next week,
Steve Durning
Exhibition Director

Join us at Black Hat MEA 2025 to grow your network, expand your knowledge, and build your business.