A roadmap for the passionate, dedicated, tired analyst (and their organization)
In the constantly evolving threat landscape where there are 24/7, nonstop threats occurring, Security Analysts are constantly having to adapt to new techniques in an incredibly demanding environment. Keeping up is no easy feat - between working long hours, learning on the fly, and frequently operating in emergency mode, anyone would be overwhelmed.
Many of us find fast-paced, high stakes, and challenging work to be fulfilling, and all of these things are good in moderation. When they run out of check, however, they can result in serious mental health problems - chiefly in burnout.
It's no secret that burnout is a major contributor to SOC turnover. Research shows that in 2019, “80% of [SOC Professionals] report SOC turnover of more than 10% of analysts, with nearly half reporting 10-25% turnover” due to stressful work environments, alert overload, and lack of training on new techniques. These high turnover rates mean that burnout hurts more than just the individual - it hurts organizations at large. It will take problem-solving on both the individual and the organizational level to address the burnout epidemic in the cybersecurity industry.
What is burnout?
According to the World Health Organization, “burnout is a syndrome conceptualized as resulting from chronic workplace stress that has not been successfully managed. It is characterized by three dimensions:
- Feelings of energy depletion or exhaustion
- Increased mental distance from one’s job
- Feelings of negativism or cynicism related to one's job, and reduced professional efficacy.”
Though burnout originates in the workplace, it has the unfortunate ability to seep into other areas of life, taking a toll on relationships, physical health, and overall happiness and fulfillment outside of work. Security Analysts are particularly vulnerable to developing burnout due to their consistently stressful work environments, which can wear on mental health over time.
You might be getting burned out if…
- you feel cynical at work
- you wake up dreading going to work
- the work that used to come easily now takes you a lot of time and effort to complete
- your sleep patterns have been interrupted
- you feel like your effort isn’t appreciated or acknowledged at work
- it’s harder to concentrate now than it was when you started your job
Those are just a few examples of burnout symptoms. If you identify with a few of them, as many Security Analysts surely do, it might be time to take some corrective action to improve your mental health.
How to Handle Security Analyst Burnout
If you’re a Security Analyst experiencing burnout, you’re not alone. The good news is that there are steps you can take to improve your work, work-life balance, and routine in order to improve your health and wellbeing.
Have an open conversation with your supervisor
Chances are, your supervisor has heard of (or experienced) burnout before. Talk to them about managing expectations and what steps you can take to preserve your work-life balance. Make sure to set specific goals for how you’ll improve together. Remember - operating at your highest level is beneficial for you and your organization alike.
Audit your current workload
Take a look at how you’re spending your time at work - are you getting bogged down with unnecessary tasks or tasks that could be delegated to someone else on your team? Are you working on big projects alone and could use a helping hand? Remove any unnecessary work from your plate and ask your team how they can support you.
Take care of your basic needs first
It’s hard to thrive in any area of life if your basic needs aren’t taken care of. To avoid burnout:
- Eat well. Eat the food that makes you feel best and don’t work through mealtimes.
- Exercise. It can feel like the last thing you have time for when you’re burned out, but getting just 30 minutes of movement in can drastically improve your mood, energy levels, and ability to concentrate throughout your day.
- Get good sleep. We know sleep restores, heals, and gives us time to process our days. Lack of sleep, on the other hand, can seriously affect mental and physical wellbeing, amplifying the effects of burnout.
- Socialize. Seek support from friends and family and reach out to your community - preferably without talking about work!
Especially for Security Analysts who are able to work remotely, turning off notifications during off-hours is essential. Protecting your down-time is an extremely important component of avoiding burnout and improving productivity during work hours.
Studies show that practicing mindfulness can significantly reduce burnout and exhaustion while improving productivity, feelings of accomplishment, and mental wellbeing. A good place to begin is by adding just 10 minutes of meditation to your morning before work, or on a break during the workday. There are hundreds of free meditation videos, apps, and podcasts that can help you get started.
Spend time doing things that restore you
You know what works for you: it could be spending time with friends, spending time alone, going outside, or pursuing a creative passion. Making time to restore your emotional wellbeing with self-care will enable you to arrive at work with a full tank.
Use your vacation days
According to the US Travel Association, 52% of Americans report that they do not take full advantage of their PTO. Taking a vacation, ideally one that’s 100% unplugged from work, enables us to refresh, reflect, and return as better teammates.
How Organizations Can Reduce Burnout in the Workplace
To work toward a burnout-free cybersecurity industry, Security Analysts need the support of organizations who prioritize mental health in the workplace.
Improve Office Culture
There are many ways to decrease stress in your office by improving your organization's culture. A good place to start would be providing opportunities for your team to socialize and bond, acknowledging analysts for their hard work, encouraging your team to establish boundaries between work and personal time, and providing mental health resources.
Prioritize and Limit Alerts
One of the major stressors for Security Analysts is the number of alerts they receive every day - according to recent studies, “70% of [SOC Professionals] investigate 10+ alerts each day (up from 45% [in 2018]) while 78% state that it takes 10+ minutes to investigate each alert (up from 64% [in 2018]).” With a deluge of notifications coming in, there’s not enough time to address everything, leading analysts to ignore low and medium priority alerts. Help reduce this stressor by prioritizing threat alerts for analysts and evaluating what a reasonable scope of threat coverage looks like for your team size.
Increase Training Opportunities for Analysts
To address the knowledge gaps created by the constantly evolving threat landscape, Analysts need frequent training on new techniques. In 2019, “nearly half of [SOC Professionals said] they [got] 20 or fewer hours of training, a surprise given today's dynamic threat environment” (CRITICALSTART). This is an area that needs to be significantly improved upon in order to arm analysts with the ability to address threats with up-to-date information.
To avoid burnout, Security Analysts must take an active role in their personal health and wellbeing, and organizations need to provide a healthier office culture. We hope to see more analysts setting boundaries, investing time in self-care, and seeking support from others in the future. Prioritizing mental health is an essential shift to make as an industry, especially as we move forward into an increasingly demanding cyber threat landscape.