Some 44 per cent of IT leaders already recognise that a stressed/ overworked workforce making mistakes is a contributing factor toward potential Insider Threat incidents.
Workers in the UK are putting in the longest hours in the EU, working nearly two hours more per week than the EU average, yet are proving less productive than their German and Danish counterparts, according to research by the TUC. One reason put forward for this is employee burnout.
Burnout is described as the point at which an employee has exhausted their physical or emotional strength, typically at the end of a period of prolonged stress or frustration. Sometimes it can be brought on by the work environment, such as where there’s a culture of tight deadlines, but it can also be connected to the individual and their personal circumstances.
Burnout is a growing phenomenon in the UK, with some predictable, and less predictable, consequences. Organisations have long recognised burnout to be a concern – contributing to illness, low productivity and turnover – and recently, the World Health Organisation (WHO) even officially classified burnout as a syndrome, characterised by feelings of exhaustion, disengagement, negativity toward one’s job and reduced productivity.
But burnout isn’t just detrimental to employee well-being and productivity, when it comes to data security, it can also increase the risk of an Insider Threat – whether accidental, negligent or malicious.
Burnout impacts cyber-security
In the past, organisations viewed system administrators and other employees with privileged network access as the biggest Insider Threats. But today, every end user has access, or can be an entry point, to at least some sensitive data and can unintentionally or maliciously cause a data breach or business disruption. The ways in which data can leave an organisation are also endlessly multiplying, from email to cloud apps to basic USBs.
Some 44 per cent of IT leaders already recognise that a stressed/ overworked workforce making mistakes is a contributing factor toward potential Insider Threat incidents, according to a recent survey by ObserveIT. These concerns are well founded, given that the symptoms of burnout – fatigue, apathy and lack of focus – are a perfect storm for making mistakes.
When you consider that 30 percent of all breaches were caused by employee errors, according to the 2019 Verizon Data Breach Investigations Report, it becomes clear that burned out employees can pose a significant risk to cyber-security.
By the same token, burned out employees are more likely to take risky shortcuts when it comes to cyber-security, in a stressed work environment, if they are looking at ways to get the job done.