Two in five (41%) IT security managers in the UK are considering quitting their jobs in the next six months, largely due to growing stress levels, according to a new study by ThreatConnect.
The researchers said the findings highlight the scale of the so-called "great resignation" impacting the cybersecurity industry, exacerbating the sector’s skills shortage.
The survey of 503 senior managers responsible for technology decisions at their organization or IT security found an average security staff turnover rate of 20% in the UK. Around three-quarters (74%) of respondents reported this rate as rising in the past year. Adding to the problem, just under a third (31%) said they experienced difficulties recruiting people with the skills and talent required for cybersecurity.
In a particularly concerning finding, less than a quarter (23%) of security leaders surveyed would recommend a career in cybersecurity, while two in five (42%) said they are unlikely to do so.
Stress and workload appeared to be the principal causes of these issues. Over a third (37%) of all respondents reported feeling highly stressed about work, and more than half (53%) experienced increased stress levels over the past six months. The respondents revealed that long hours and heavy workloads had manifested in headaches (44%), a drop in work performance (43%) and sleeping difficulties and fatigue (37%).
The biggest reasons given by all respondents for quitting their jobs were lack of opportunities to work from home (31%), high-stress levels (26%) and the attraction of a better salary elsewhere (25%). For security managers specifically, excessive workload was the most common factor (31%) cited.
In another worrying finding, around a third (32%) of all respondents did not agree that their company can keep up with the volume and sophistication of cyber-threats.
Adam Vincent, co-founder and CEO at ThreatConnect, commented: “Now more than ever, IT security teams are being expected to do more with less.
“High employee turnover and stressed IT professionals can negatively impact an organization’s performance both in the short term and in the long term. The growing volume and sophistication of threats makes it critical that organizations manage workload feasibility and give teams the support they need.”