51 percent of cybersecurity professionals experience burnout
The challenges of the last year and a half, along with major cyberattacks, like that on Colonial Pipeline, have had a major impact on security professionals, with 51 percent reporting experiencing extreme stress or burnout.
The latest Global Incident Response Threat Report released today by VMware finds 65 percent saying they've considered leaving their job because of stress.
"Burnout is a huge issue with incident response teams, who are handling a spike in engagements in what is still a largely remote environment," says Rick McElroy, principal cybersecurity strategist at VMware. "It only further underscores the need for leaders to build resilient teams, whether that means considering rotations of work, empowering individuals to take mental health days, or any number of other initiatives aimed at nurturing personal growth and development."
Among other findings from the report, of those who have encountered ransomware attacks in the past year, 64 percent have witnessed affiliate programs and/or partnerships between ransomware groups. Defenders are also looking for new ways to fight back with 81 percent willing to leverage active defense in the next 12 months.
Attacks are becoming more sophisticated too. Respondents indicate that targeted victims now experience destructive/integrity attacks more than 50 percent of the time. Cybercriminals are achieving this using emerging techniques, like the manipulation of time stamps, or Chronos attacks, which nearly 60 percent of respondents have observed. Driven by the shift to remote work, 32 percent of respondents also experienced adversaries leveraging business communication platforms to move around a given environment and launch sophisticated attacks.
Cybercriminals have also been seeking to exploit the pandemic-driven shift to the cloud. 43 percent) of respondents say more than a third of attacks were targeted at cloud workloads, with 22 percent saying more than half were. As a result six out of 10 respondents say cloud security tools are their top priority to implement.
You can get the full report from the VMware Carbon Black site.