Deloitte UK CISO addresses stress and burnout in cybersecurity

Deloitte UK CISO and top winner in this year’s UK CSO30, Jitender Arora reflects on the causes of stress and burnout in cybersecurity and shares his strategies for dealing with it.

Jitender Arora, Chief Information Security Officer (CISO), Deloitte UK
Deloitte UK

Stress and burnout are increasing within the cybersecurity field. Research has discovered that security teams and leaders are suffering from the pressures of keeping modern business secure in an ever-demanding environment of risk, threats and challenge. The negative impact of such issues on both the capability and longevity of security personal is requiring CISOs to act to address stress and burnout within their teams.

Jitender Arora, CISO of Deloitte UK, is a security leader whose recent efforts in this area helped earn him the number one spot in this year’s UK CSO30. Speaking to CSO during a virtual ceremony to celebrate the UK CSO30 2021, Arora reflects on recognising the causes and importance of understanding the role that stress and burnout plays in cybersecurity, along with detailing his own strategies for tackling these issues within Deloitte UK.

Business demands cause cybersecurity stress and burnout

“When people are working in security, it brings a lot of responsibility with it,” says Arora. “There are a lot of decisions that need to be made when quite often nobody knows the answer and it comes to the CISO function to decide what should or should not be done. Security walks a fine balance between what the business needs versus the risks and threats it faces.”

The requirement to regularly switch between those contexts puts enormous demand on (often small) security teams, because security is so important to almost everything businesses do. When that is happening, it’s not surprising that it creates feelings of stress and burnout for security professionals.

Prioritisation key to addressing stress and burnout in cybersecurity

To continue reading this article register now

Microsoft's very bad year for security: A timeline