Skip Links

RSA Conference 2012: Stress and burnout in infosec careers

IT security professionals are experiencing extreme levels of stress and burnout, but they have few places to turn for help

By Joan Goodchild, CSO
February 27, 2012 08:35 PM ET

CSO - Career stress and burnout is as common among information security professionals as it is among professionals in other high-stress fields, such as medicine or law. But finding support and information on dealing with info sec career burnout is difficult because resources and knowledge are scant.

"If you do a Google search for info sec burnout, you'll find nothing," said KC Yerrid, an information security and managed services consultant. Yerrid was one of several panelists who took part in a talk focused on IT security burnout and stress held Monday at the 2012 RSA Conference in San Francisco.

IN PICTURES: What's hot at RSA 2012

[Related: Burned out yet?]

The group, all information security veterans, spoke to a packed room about some of the causes of burnout in the info sec field, how to recognize the symptoms, how to seek help and how to reach out to others who may need assistance.

"For me, burnout manifested itself as rage," said Yerrid. "And when you are a six-foot-one, bald guy having a bad day on the job, that can give some people a bad impression."

"I've seen a high level of burnout. A number of colleagues in this field, fighting the good fight, who have exhibited signs of burnout," said Martin McKeay, a security evangelist with Akamai Technologies.

Moderated by Jack Daniel of Tenable Network Security, the panel mentioned several reasons why they thought levels of stress were high within the info sec field.

Security consultant Gal Shpantzer noted an individual he had met several years ago who had once been in law enforcement and took part in drug raids and other types of high-stress and adrenaline-filled missions as part of his job. But when his friend transitioned to a job in information security, his level of satisfaction was much lower. Shpantzer said his friend felt like he could measure success, and knew when he had done a good job at the end of the day, in law enforcement. In IT security, there are very few concrete measurements for success, Shpantzer said.

"It's like a fungus," said Shpantzer. "You're trying to get rid of it, but it keeps growing."

Others on the panel cited the types of personalities that the info sec field attracts which make working in the profession hard.

"We are a nasty group of people. We turn on each other," noted panelist Joshua Corman, director of security intelligence for Akamai Technologies."We spend so much time worrying about malware and woes in this industry that we forget to take care of each other."

Panelist Stacy Thayer, executive director of SOURCE Conference, noted info sec is an isolating profession and that lack of human contact on many days can make things seem bleak.

"We work with computers. It's not like they are warm and fuzzy," said Thayer.

[Security leadership using improv techniques]

Daniel presented the results of a "Burnout Survey" he and the panel conducted in 2010. Although a wide range of respondents took part, the data only contained about 124 valid responses, which Daniel noted was insignificant from a research perspective.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News