Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Leadership and ManagementSecurity Education & Training

Bolstering defenses amid evolving threats & cyber pro burnout

By Rick McElroy
Employee burnout

Image via Pixabay

February 2, 2023

Cybercriminals are becoming bolder and more targeted in their attacks. Emerging threats, such as deepfakes and application programming interface (API) attacks, are the new go-to intrusion methods for these offenders, while defenders try to keep up with the pace and evolution of these tactics. Events such as pandemic disruptions (including increased hybrid work and accelerated digital transformation efforts), as well as geopolitical conflicts have only exacerbated this and made organizations more vulnerable. In fact, a recent survey found that 65% of cybersecurity and incident response (IR) professionals said cyberattacks have increased since Russia invaded Ukraine. In addition, two out of three survey respondents stated that they had experienced an attack involving the use of malicious deepfakes, and 23% of attacks now compromise API security.

As external cyber threats increase, internal security team burnout does, too, eventually leading to increased employee turnover and difficulty in hiring qualified candidates. A recent survey by Cybersecurity Ventures found that the number of unfilled cybersecurity jobs worldwide grew 350% between 2013 and 2021, from 1 million to 3.5 million. The need for these jobs is increasing, but the talent gap is also widening as the qualifications continue to change and the work becomes more demanding.

The good news? Overall burnout rates are slightly lower from 2021 as organizations have been taking burnout and stress more seriously by implementing wellness programs. The implementations that have proven to be the most beneficial are offering flexible hours, investing in further education and presenting additional coaching and therapy. However, there is always more to be done, especially as cybercriminals work smarter and harder to wreak havoc within organizations worldwide.

Fortunately, there are a few immediate best practices that can bolster any organization’s cybersecurity posture, including these three:

1. Analyze the inner workings of devices

This is key to preventing foreign behavior and vulnerabilities within an application. Over the past year, 41% of cybersecurity professionals have encountered attacks involving insider threats. These findings underscore the increasingly critical nature of talent management when it comes to cybersecurity controls, especially as companies are trying to manage employee turnover, onboarding and the use of non-sanctioned apps and platforms. Understanding an organization's entire workload from within will be crucial to protecting proprietary information and averting adversaries with bad intentions. These defense solutions should also factor in lateral movement — which can occur when an attacker gains control of one asset within a network and moves on to others. Teams should remain on high alert when it comes to internal communication tools, like instant messaging services and email, which can be used by hackers as a means to delve inside networks and compromise an entire organization’s network.

2. Unite network detection and response (NDR) with endpoint detection and response (EDR)

By integrating these two technologies, organizations can identify and expose potential threats before using automation to neutralize and remove them. Organizations should assume all digital transactions could potentially be compromised and should not authorize anyone to enter a network without being authenticated. With an increased hybrid workforce and shift to all things digital, employees can potentially be reckless with what they click on and download. Validating everyone within an organization will prevent bad actors from entering and potentially compromising the network by immobilizing any east-west spread movement. Using internal data analytics, security teams are able to gain access and complete visibility to the endpoint and network in real time.

3. Implement internal wellness programs to prevent burnout

Security talent has become extremely valuable as cyber threats continue to increase. It is critical for security leaders to encourage their teams to nurture their mental health and personal development to maintain a positive environment within the workplace. This can include supporting personal time off (PTO) or mental health days and allowing team members to spend valuable time away from their screens, which is key to preventing stress and burnout. Additionally, allowing security teams the time to become comfortable with a new technology or system before implementing it can significantly reduce confusion and stress among team members. Reducing burnout is possible, but it must start with arming security professionals with the tools and resources needed to do their job while maintaining a healthy mindset.

Cybercriminals are constantly adopting new ways to manipulate targets

Deepfakes are leading the charge here. To best defend against this, security teams must work hand in hand with IT and finance teams. In addition, human verification must become stronger, along with increased network and endpoint visibility, to ensure a solid security foundation. As cybercrime continues to take center stage, every industry should know they are not immune to potential threats. The good news is that government agencies are taking cyberattacks very seriously. The Department of Homeland Security (DHS) recently made a $1 billion investment in cybersecurity for state and local governments to give cybersecurity teams the flexibility to address some of the top issues threatening organizations. In addition, security vendors are learning valuable tools and techniques from each other and are implementing lessons obtained into their own strategies and technologies. Cybersecurity is a continuous effort because, as systems evolve, so do attackers.

KEYWORDS: burnout cybersecurity endpoint security network security team vulnerability

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Vmwcb rick mcelroy headshot 01

Rick McElroy, Principal Cybersecurity Strategist for VMware, has 24 years of information security experience educating and advising organizations on reducing their risk posture and tackling tough security challenges. He has held security positions with the U.S. Department of Defense, and in several industries including retail, insurance, entertainment, cloud computing and higher education. McElroy’s experience ranges from performing penetration testing to building and leading security programs. McElroy is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CSIM), Certified in Risk and Information Systems Control (CRISC) and Certified in Cloud Security Knowledge (CCSK). As a United States Marine, McElroy’s work included physical security and counterterrorism services. His current role takes him all over the world working with organizations to improve their security strategies and speaking on security and privacy.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • security-burnout-freepik.jpg

    Hacking burnout: Addressing stress among security professionals

    See More
  • university campus

    How to keep cybercriminals off university campuses

    See More
  • New Executive, New Perspective

    CISOs face mounting pressure: Here’s how to help

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing