The average security leader works over 16 hours extra a week

Email security firm, Tessian, has launched its ‘Lost Hours’ report series which surveyed 600 security leaders in the UK, US, Middle East and Africa.

New research reveals that the average security leader in the UK and US works 16.5 hours over what they are contracted to work, every week. This is an increase of five and a half hours compared to the same figures last year (11 hours extra per week in 2021), as observed by email security firm, Tessian, as part of its annual ‘Lost Hours’ report series.

The data also revealed that one in three security leaders (33 per cent) now work over 20 hours extra a week, and one in five (18 per cent) work over 25 hours extra a week. In 2021, just nine per cent of security leaders worked 20-24 hours extra a week.

Shockingly, one in 10 UK security leaders revealed that they now commit 25-49 hours over what they are contracted to work, every week.

Furthermore, a significant 79 per cent of UK security leaders admitted that they struggle to ‘always’ switch off from work, and 21 per cent say they can ‘rarely’ or ‘never’ switch off. Again, these figures are up from last year, where 59 per cent said they struggle to switch off.

Tessian researchers also observed that that the bigger the company, the more hours of overtime its security leaders typically work. For example, security leaders in UK and US companies with 10-99 employees work an average of 12 hours extra a week, versus security leaders in companies with over 1,000 employees who work an extra 19 hours of work, on average.

Similarly, security leaders in companies with under £100,000 revenue work an extra 11.5 hours a week on average, whereas security leaders in companies with revenues of over £500 million typically work an extra 23 hours outside of what they are contracted to work.

Josh Yavor, CISO for Tessian, says: "Security leaders need to be all in on their jobs for the security and health of their organisation.

“As the data shows, this ‘all in’ mentality can turn into ‘always on,’ leading to overtime hours and feelings of burnout.  Not only is this unsustainable, it decreases efficacy and increases risk. Like all employees, CISOs have their limits and need to advocate for themselves and time constraints to avoid burnout. As leaders, it’s critical that CISOs are able to lead by example and to set their teams up for sustainable operational work.”


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security