Cybersecurity pros are putting everyone at risk by working too much

Zero-day attack
(Image credit: Shutterstock) (Image credit:

Cybersecurity professionals can’t shake off work, even when they’re in their free time, or on holidays, new research has claimed.

A report from Centripetal surveying 200 security pros found that almost all (90%) of cyber pros regularly checked their email, Slack, and other work-related instant messaging platforms, while on annual leave. 

Almost a third (32%) spend every night doing at least some work, while 70% get interrupted at least once a week. Furthermore, roughly a fifth (18%) work more than one full day a week (8+ hours) extra, without being paid.

Missing important alerts

The majority of the respondents (46%) decided to work extra hours, respond to late-night emails, and work during the annual leave because they were loyal to their employers. Another quarter (23%) did it because of heightened cyber threats. Finally, 16% said it was because their team was inadequately staffed. One in ten said they were the only ones capable of doing the job.

But overworked cybersecurity professionals, working in understaffed and underequipped environments, are a liability and a risk to the entire organization. Researchers have been warning for years that many security pros were suffering from burnout which made them miss threats, forget important updates for their endpoints, and more.

A report from cybersecurity experts Vectra AI, published last summer, found that nearly all (97%) are worried they’ll miss important security events, while 71% admitted to possibly being compromised, but not knowing. 

On average, IT teams get almost 4,500 alerts, while only being able to address roughly two-thirds of those (67%). For two in five, they think it’s only a matter of time before they miss something major, and agree the security tools they work with only increase their workload. They also believe they’re being flooded with “pointless alerts”.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.