Sophos and TRA Study Reveals 83% of India’s Cybersecurity Workforce Suffers from Burnout, Impacting Cyber Defense

Sophos and TRA Study Reveals 83% of India’s Cybersecurity Workforce Suffers from Burnout, Impacting Cyber Defense


The results of Sophos’ fourth research, “The Future of Cybersecurity in Asia Pacific and Japan,” which it co-authored with Tech Research Asia (TRA), were made public. According to the survey, burnout and exhaustion affect 83% of respondents who work in cybersecurity and IT in India.

Nearly every facet of cybersecurity operations is affected by burnout, according to the study, which found that 93% of respondents reported experiencing a rise in burnout over the previous 12 months, with Asia Pacific and Japan having the largest percentage of respondents. Furthermore, 22% of firms reported slower-than-average reaction times to cybersecurity incidents, and 25% of respondents said that cybersecurity burnout or tiredness directly caused or contributed to a cybersecurity breach.

“At a time when organisations are struggling with cybersecurity skills shortages and an increasingly complex cyberattack environment, employee stability and performance are critical for providing a solid defence for the business. Burnout and fatigue are undermining these areas, and organisations need to step up to provide the right support to employees, especially when, according to our research, 25 per cent of Indian respondents identified that cybersecurity burnout or fatigue contributed to, or was directly responsible for, a cyber security breach,” said Aaron Bugal, field CTO at Sophos.

“This Sophos and TRA report provides timely insight into organisational cyber stress and demonstrates that things need to change. Although there’s not a simple fix, an attitude adjustment would go a long way toward defining the right expectations around what it means to evolve into a cyber-resilient business. Boards and executive committees need to drive change and demand responsibility from their deputised charges, in essence, for better governance around cyber approaches. However, they need to clearly articulate their accountability in developing and maintaining a plan because cyber security is now a perpetually interactive sport, and there needs to be a team that provides adequate coverage around the clock.”