Burnout in the Philippines’ cybersecurity workforce
IN the evolving landscape of digital security, the Philippines stands at a critical juncture, grappling with the challenges and opportunities presented by the rapid advancement of technology. The fourth edition of “The Future of Cybersecurity in Asia-Pacific and Japan,” sponsored by Sophos and conducted by Tech Research Asia, sheds light on the pressing issue of cybersecurity burnout among professionals in the region, with a focused lens on the Philippines.
A growing concern
The report reveals a concerning trend among Filipino cybersecurity and IT professionals, with 23 percent frequently experiencing cyber burnout, mirroring the regional average. A significant 71 percent occasionally feel the strain, indicating a widespread challenge across the sector. Over the past year, 21 percent of professionals noted a significant increase in burnout symptoms, with an additional 67 percent observing a slight uptick, suggesting a rising tide of stress in the cybersecurity realm.
Burnout is a state of emotional, physical and mental exhaustion caused by excessive and prolonged stress. It occurs when an individual feels overwhelmed, emotionally drained and unable to meet constant demands. As the stress continues, individuals begin to lose interest and motivation that led them to take on a certain role in the first place. Burnout reduces productivity and saps energy, leaving individuals feeling increasingly helpless, hopeless, cynical and resentful. Eventually, the person may feel like they have nothing more to give.
The key symptoms of burnout include feeling tired and drained most of the time; frequent illness; feelings of failure and self-doubt; feeling helpless, trapped and defeated; detachment and isolation from others; loss of motivation; increasingly cynical and negative outlook; and decreased satisfaction and sense of accomplishment. Burnout specifically affects individuals’ work performance, impacting their efficiency and attitude toward work tasks, colleagues and themselves.
Toll on professionals, organizations
The repercussions of this burnout are tangible, with 17 percent of companies witnessing resignations due to these pressures, slightly below the regional average of 23 percent. Furthermore, 13 percent of staff have been “moved on” due to performance issues stemming from cyber burnout, underscoring the operational impact on businesses. On average, companies lose 4.6 hours per week to burnout-related productivity dips, highlighting the economic implications of this issue.
In the Philippines, cybersecurity strategy is predominantly led by cybersecurity directors or managers, IT directors or managers, and CIOs/ CTOs. This leadership structure is crucial in navigating the complexities of digital threats and safeguarding organizational integrity.
Professionals in the field express significant frustrations, notably with executives underestimating the likelihood of attacks and the complexity of cybersecurity, alongside challenges in fostering a robust cybersecurity culture companywide. These sentiments reflect a broader need for awareness and understanding at all levels of an organization.
Regulatory and legislative shifts are prompting a heightened focus on cybersecurity at the board and senior leadership levels, with 50 percent noting a significant increase in attention to this area. This shift has led to increased training and education for employees, further investment in cybersecurity technologies and a concerted effort to enhance overall organizational resilience.
The understanding of cybersecurity issues is relatively high among boards and senior leadership teams, with over half rating their comprehension as “very well.” Regular cybersecurity briefings are provided to 52 percent of boards and 60 percent of SLT, indicating proactive measures to keep key decision-makers informed.
Formal incident response plans are in place in 88 percent of organizations, a testament to the proactive stance many have taken toward cybersecurity readiness. Despite this preparedness, 17 percent still describe their response readiness as chaotic, highlighting areas for improvement in operational response capabilities.
The effectiveness of training and education is critical in reducing repeat offenses, with 20 percent of board members, 28 percent of senior leadership and 42 percent of employees identified as repeat offenders in cybersecurity breaches. These figures underscore the importance of continuous education and the reinforcement of cybersecurity best practices across all organizational levels.
Overcoming burnout
Companies can prevent the resignation of their cybersecurity professionals due to burnout by implementing several strategic measures:
Promote work-life balance. Encourage reasonable working hours, provide flexible work schedules, and respect time off. Preventing overwork is key to avoiding burnout. Provide adequate resources and tools. Ensure that cybersecurity teams have access to the technology and resources they need to perform their tasks efficiently without unnecessary stress.
Foster a supportive work environment. Create a culture that values open communication and mutual support and recognizes the contributions of cybersecurity professionals. A positive work environment can significantly reduce stress levels. Evaluate and improve workflows to eliminate unnecessary tasks and streamline operations, reducing time and effort on lowvalue activities.
Acknowledge the hard work and success of cybersecurity professionals through recognition programs, bonuses or promotions. Feeling valued reduces burnout and increases job satisfaction. Offer professional development
opportunities. Continuous learning and growth opportunities can keep cybersecurity professionals engaged and motivated, reducing the risk of burnout. Train leaders and managers to recognize signs of burnout and address them proactively. Effective leadership can identify and mitigate stressors within teams. Implement regular check-ins and
support mechanisms. Establish regular check-ins with team members to discuss workload, challenges and stressors. Provide access to mental health resources and counseling services. Promote activities that strengthen team cohesion and allow employees to relax and bond outside of work pressures. Create a clear path for advancement. Define clear career paths and advancement opportunities within the organization. Knowing there is room to grow can help retain ambitious professionals.
By implementing these strategies, companies can create a more supportive and fulfilling work environment for their cybersecurity professionals, reducing the likelihood of burnout and resignation.
Addressing cyber burnout, enhancing strategic leadership, investing in training, and improving incident response readiness are pivotal steps in fortifying the nation’s digital defenses. With concerted effort and collaboration, the Philippines can emerge stronger and more resilient in the face of evolving cyberthreats.