I’ve largely stopped writing about the latest study or industry analysis white paper. Rarely to they shed much new light on security. This is an exception. The statistics in the article are jaw-dropping if close to accurate. But this is the part that is scary:
As a result of these factors, the pressure is reaching boiling point for many.
Over a quarter (27%) of CISOs polled said stress is impacting their mental or physical health, while 23% said the role is damaging their personal relationships. Even worse, 17% admitted they had turned to medication or alcohol to deal with workplace stress.
Mental, emotional, and physical health all can take their toll on well-being. But that 17% number is just as telling – what happens during an event when the head of the organization is blotto?
“It’s no surprise that CISOs are facing burnout. Many lack support from within their organizations, and senior business leaders need to face the facts: the threats are real, and CISOs need to be given the resources and support to tackle them. If not, the board must face the consequences.”
The lack of support feeds into the cycle. Even if the CISO does have a health or substance problem there may not be the mechanisms in place to manage a response in lieu of top leadership. I wonder how may DR/BC/IR tabletop exercises cover absent or impaired leadership?