Half of employees have left a job because of mental health reasons, according to Harvard Business Review. Are you creating an atmosphere in your organization where that’s going to happen too?
There’s a mental health crisis rising in the cybersecurity industry. Not only does it have the potential to affect individuals’ wellness and team productivity, but it could also impact the ability of organizations to hire new talent and retain those they have. Considering there’s already a talent shortage in cybersecurity, this convergence could be detrimental to teams that are already understaffed and overwhelmed.
Here’s where the current state of retention and recruiting is in cybersecurity and why you should take mental health and wellness into consideration when managing your current team.
TALENT SHORTAGE AND RETENTION CHALLENGES
All security disciplines are feeling the lack of available talent to fill security operations roles. For every 100 cybersecurity jobs posted, there are only 68 qualified individuals to fill them, according to CyberSeek. Having limited talent in the pipeline means that more organizations are vying for those few job seekers. But many of those looking for a new position want to join an organization that cares for its employees—especially when it comes to mental health. In fact, as many as 73% of job seekers consider an organization’s health and wellness packages when deciding on a new workplace.
Security teams are also challenged to keep their current employees as well. I’ve noticed many security professionals are frustrated with outdated tools, spending their day on repetitive tasks, and not feeling like they’re actively contributing to their organization’s security posture. Disengaged, burned out, and undervalued employees tend not to stick around. How bad is the turnover? Sixty-four percent of security professionals plan to switch jobs in the next year.
The challenge is two-fold: Job seekers who don’t believe you prioritize mental health may not join your company, and current employees whose mental health is impacted by their work environment could leave. But it can’t be that bad in cybersecurity right now, can it?
WARNING SIGNS IN CYBERSECURITY
Security leaders thinking about recruiting and retention should be aware of how those in the industry are managing mental health. When we asked security professionals to rank their mental health for our report on the State of Mental Health in Cybersecurity, 67% ranked it excellent, very good, or good—which may seem like a fairly high number.
However, there is a benchmark, as 81% of U.S. adults rank their mental health as excellent or good, according to Gallup. By their own self-assessment, cybersecurity professionals are falling well below the average. If you think the mental health of your security team members is on par with that of members of other departments in your organization, you may need to think again.
According to our report, 27% of respondents also said their mental health has gotten worse over the past year. I believe this decrease is likely not only due to the direct effects of the pandemic, but also to the unique situations the pandemic created that have impacted security-team stress levels and mental health. Moving to remote work exposed organizations to more vulnerabilities and attacks, and the ongoing Great Resignation is also leaving security teams understaffed and overworked. Additionally, the war in Ukraine is escalating the risk of cyberattacks—and escalating concerns among security practitioners.
These are just some of the factors contributing to the high stress levels that 66% of security professionals told us they experience at work. Additionally, 63% said they have seen their stress levels rise over the past year.
Considering the findings above, organizations must be taking action to ensure their employees are getting the resources and help they need, right? Not necessarily. Only 57% of security professionals told us their workplace provides them with resources and support for their mental health. Ultimately, only 54% said their workplace prioritizes mental health.
All of the factors above can lead to a situation where employees walk out the door. And what job seeker is going to want to apply when they hear that your organization is losing talent because of a lack of prioritizing employee mental health?
WHAT YOU CAN DO
The great news is that there are actions and initiatives you can take today to improve the mental health of your workers.
Start by normalizing the conversation around mental health in order to let employees know that you do prioritize their mental health and wellbeing. Communicate often about resources available to employees and openly discuss the ways work impacts mental health. Allow employees to take mental health days and encourage employees to talk about their mental health. Creating a culture of wellness can be a draw to new employees as well.
Workplaces can also provide resources and support to increase resiliency. Offer an employee assistance program where employees can reach out and be paired with people to talk to. Train leadership on how to recognize the impacts of mental health on their team, and offer stress management workshops. Part of taking care of your team requires an increased consideration of what is going to improve their overall mental health—would it be a more flexible schedule, access to health and wellness initiatives, or the ability to take mental health days? Even small offerings can go a long way.
Security leaders can also take steps to assess the stress on their team—stress from tasks, expectations, outdated systems and tools, and more—and take action to change those things. More often than not, stress comes from the friction team members face each day trying to accomplish their duties. There, of course, is only so much a team leader can do to streamline workloads and daily requirements. At that point, leaders can point to employer-provided mental health benefits. They may not be able to alleviate all of their team’s stress, but resources and assistance can go that last mile toward ensuring that teams are healthy and well-supported.
RETAIN AND RECRUIT
You don’t have to be in a situation where good recruits go elsewhere and you watch your talent walk out the door. It’s always a great time to start the conversation about mental health with your teams and to create a culture of wellness that gives security professionals the resources they need to be healthy and productive.
Eoin is a founder at Tines, a platform that allows anyone to automate repetitive security workflows without writing a single line of code.