EXPEL BLOG

From exhaustion to equilibrium: battling burnout in your SOC

· 2 MIN READ · SCOUT SCHOLES · AUG 8, 2024 · TAGS: AI / Employee retention / Management / SOC

Our new ebook covers the burnout epidemic in the industry, and how you can address it

TL;DR

  • Standards of perfection for SOC analysts are common, but avoidable 
  • SOC burnout can cause problems for individuals, but also your business (and the entire industry)
  • Big and small changes can reduce stress your analysts feel, but strategic shifts are necessary to fix the problem overall 

Nobody’s perfect, including your SOC analysts

Burnout isn’t a new phenomenon, but its rise as a conversation topic in the corporate world is hardly surprising. In the cybersecurity field, professionals are increasingly voicing their concerns about the lack of work-life balance on platforms like Slack, Reddit, and online forums.

“If you are in cybersecurity and are constantly feeling angry, exhausted, bitter and you jump up to the ceiling when your company mobile rings–welcome to the burnout club,” reads a popular Medium post by Bozidar Spirovski, CISO at financial services platform Blue dot. He also points out that customers shoulder some of the blame, although they’re enabled by businesses that don’t set boundaries for their SOC employees. 

“I’m constantly reading contracts towards customers that literally demand my phone number and my ongoing availability 24×7 to every single random customer. That type of unreasonable expectation of magic being done still exists.” 

And that’s often only the beginning of unrealistic expectations placed on SOC analysts. The unrealistic expectation of perfection is a contributing factor to SOC burnout as well. There’s a common saying in cybersecurity that, “It’s not if there will be an attack, but when.” The assumption is often that when there’s an attack, it will be prevented. But that simply isn’t possible with complex corporate networks, ever-increasing sophistication of attackers, and high team turnover. 

Spirovski continues, “The cybersecurity team doesn’t guarantee nobody can attack you. A well supported cybersecurity team can guarantee resilience–high cost of attack, limited impact, good recovery, and proper understanding of an attack.” 

The emphasis here is that resilience isn’t synonymous with perfection, even though the two are often conflated in cybersecurity. 

Address burnout for the sake of your employees—and also your business

Burnout is obviously bad for people. It has mental and physical effects on individuals, but it can even cause people to leave the industry entirely if the situation is bad enough. In a recent Forrester blog on controlling burnout in cybersecurity, they mapped the relationship between engagement and burnout into four segments. 

59% of respondents to their survey were categorized as “Tired Rockstars,” which is defined as “highly engaged employees experiencing some level of exhaustion.” The most concerning finding was that this segment of security pros was in danger of slipping into the “Red Zone,” which is employees who have reached the end of their rope, and are so disengaged that they leave their jobs—and perhaps the industry entirely. 

And the impact on individuals is just the beginning of the effects of burnout. It’s bad for the industry and your business, too. In the same Forrester blog, they found that burnout damages the quality of cybersecurity work. 

“We spoke to folks who came to the realization that they haven’t seen their kids for eight years, who could no longer get up in the morning, and others whose bodies gave way to the physical symptoms of burnout. But, as well, burnout is causing critical talent to exit the industry and preventing others from entering–this ultimately impacts our ability to manage cybersecurity for organizations.” 

You can learn more about the cause and effect of burnout in cybersecurity in our latest ebook, Unplug your team: Combating cybersecurity burnout.