Getting to grips with post-breach stress disorder

Data is not the only thing compromised during a security event, Billy MacInnes finds your wellbeing is also at risk
Image: Shutterstock via Dennis

19 April 2023

Suffering from anxiety, sleepless nights, worried about your job? If the answer to all or any of those questions is ‘Yes’, you’re likely to be someone with a role in IT security.

You probably didn’t know that when you studied for the appropriate qualification to get you that job. Back then, you were more likely to be thinking about your career prospects for a role that was in demand in many organisations and locations across the globe and the money you could make doing it. Which is understandable because those are factors a lot of people take into consideration when deciding on their career options.

Not to mention that you’d be doing something good as well. Keeping bad people from infecting the network, protecting data and safeguarding privacy. All commendable objectives.




The only problem is that the pace of cyber attacks is relentless and the consequences of a successful breach are potentially fatal to the organisation. Understandably, the stress for someone bearing the responsibility for preventing an attack can be enormous.

A survey of more than 1,600 IT and security leaders, contained in a report from Rubrik Zero Labs entitled The State Of Data Security: The hard truths of data security, starkly illustrated just how stressful working in IT security can be.

A massive 98% of those who had experienced a cyber attack in 2022 reported ‘significant emotional and/or psychological impact’. Stop to think about the psychological and emotional toll revealed by those shocking figures. You’ve heard of PTSD, well this is the cyber security equivalent, PBSD (post-breach stress disorder).

In a significant number of cases, this manifested itself in ways that we have come to associate with severe stress. More than half (53%) reported ‘increased anxiety’ connected to their duties. No wonder when you consider what they had to deal with. But it’s probably worth noting that the suggestion behind reporting ‘increased’ anxiety is that the anxiety was already there.

A different kind of security

Given the critical nature of their role, it’s no surprise that 46% were worried about their job security. It must feel incredibly precarious when your job is dependent on how well your security technology can plug the gaps in your technology infrastructure from attack by malicious actors using technology to try and breach it.

Perhaps we shouldn’t be too surprised, then, that 41% of people lost sleep or had trouble sleeping after a cyber attack. Personally, I’m surprised they manage to get any sleep at all. Especially when you consider that 43% experienced a ‘loss of trust’ from colleagues and team members after a security breach. It must be tough trying to keep your mind solely on work in circumstances where you know that a lot of people in work feel badly disposed towards you.

Perhaps the increased adoption of automation and AI in IT security could provide some respite. Maybe, along with the responsibility, the blame could be shifted from people to technology. Or maybe it might become even more stressful when people have to place their faith completely in the superiority of their security technology as it battles criminal technology intent on attacking company technology to prevent a breach.

In the meantime, perhaps we should spare a thought for all the people suffering PBSD. If cyber attacks continue to grow in their frequency and effectiveness, there could be a lot more cases to come.

For more on this report, the Zero Trust Summit takes place on 11 May at the Radisson Blu Hotel in Golden Lane, Dublin. To register visit

Read More:

Back to Top ↑