cross-posted from: https://lemmy.capebreton.social/post/506912

More than a dozen cybersecurity professionals shared with CyberScoop similar stories stemming from the intense work demands of an industry that involves often 24/7 vigilance against a growing tide of cyberthreats. Despite a growing awareness of mental health struggles within the industry, sources said there still aren’t enough resources inside companies or across the broader cybersecurity community for professionals dealing with burnout, stress and the intense anxiety of working in a high-pressure environment…

    • MystikIncarnate@lemmy.ca
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      I’m not a cybersecurity admin, I do sysadmin and network admin work mainly. I’ve taken more time off this year from burnout than I have worked this year.

      The problem isn’t exclusive to security, and it’s not getting better. The entire IT support industry is grinding it’s workers to the bone and there’s already a need for more workers. By the time this grinder is finished, there won’t be anyone left to do support.

        • MystikIncarnate@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I agree, but so far that’s not been very possible…

          The scenario I’m in is a relatively small organization, and if we tried to unionize, I’m certain the company would either replace all staff, or simply cease operating.

          For large non-tech focused companies like fortune 500s or something, the IT staff is a very small percentage of workers, and even if there’s a union, often the language of the Union contact explicitly excludes IT from the unionized workers; putting them more on par with middle management, which, as IT support, we’re definitely not.

          The only viable unionization IMO, is in tech-centric firms. Things like software shops, or large telecom operations.

          The only viable alternatives I can think of, which would not happen, is to have an association which acts like a union. Something like the stonemasons but for IT. The other option here is to have everyone in IT basically work for a placement agency, which brokers all employment, so whether you’re working for a fortune 500, or a <100 employee office, you’re going to be paid the same for the same work. The employer would be forced into getting their IT support workers from this organisation which would act like a union (not for profit type deal).

          The reason I believe neither would happen is because for either to have any real teeth, there would need to be significant buy in from all tech workers, making it difficult or impossible for organizations to get their IT staff from anywhere that isn’t associated with the union.

          There’s pitfalls to an industry-wide union like this too, since if you want to depart from the Union, as a worker, for any reason (or the union refuses to have you as a member for some reason), then you’re basically screwed… if there’s enough buy in for the “Union” to work, then the vast majority of companies won’t bother soliciting work, except from the Union…

          I could keep going, but I am in favor of unions. If I’m ever in a position to join one, I will. And if I find an IT job that has a union attached, I’ll apply.

          So far, I haven’t seen it.

    • agent_flounder
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      That’s fucked. Companies need to treat their operational infosec folks way better than that.

      Meanwhile over here on the engineering side, where I have zero operational responsibilities, the last 20 years have been quite nice. Please join me :)

    • ShunkW@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I worked in IAM and then IAM software dev for JPMC back in the day, so I worked with the cyber Sec people a lot. I was burned out, those people were fried. I felt so bad every time I had to bother them. Walking up to someone’s cubicle and they would be so startled and you could tell their nerves were just toast.

      I ended up being an application security engineer for a while at a different company and I was the only one. After 6 months I went back to just software dev and got out of security all together honestly. I love the stuff but the lack of resources and funding but with massive expectations is a nightmare.