The Intersection of Cybersecurity Awareness Month and World Mental Health Day

October is Cybersecurity Awareness Month, and today, October 10, is World Mental Health Day.

In 2022, the World Health Organization (WHO) estimated that depression and anxiety led to a loss of 12 billion working days each year, costing $1 trillion per year in lost productivity. The good news is that, in the three-and-a-half years since the start of the COVID-19 pandemic, conversations about mental health have become more common and less stigmatized, including in the workplace. Within the Sikich Technology practice and its Cybersecurity team, we’ve seen employees becoming more aware of and open about their wellbeing. Fortunately, employers are also starting to place more importance on mental health by providing enhanced communication and support, and additional resources are being made available to help companies in those efforts.

Concerning Statistics

Working in the technology field can be stressful in the best of times. As Naveen Bhateja, Chief People Officer of Medidata Solutions, stated, “The tech industry adds another layer of complexity when taking into consideration the mental health discussion. The tech industry fosters a ‘crunch’ culture where demanding work must be completed in a short amount of time. The industry is known for high stress: late nights, abnormal hours, and tight deadlines, all while being constantly available at any time of day.”

While mental health data specific to the technology and cybersecurity space can be hard to come by, a Nominet survey focused on the stress levels of Chief Information Security Officers (CISOs) showed that 88% of surveyed CISOs reported being under moderate or high levels of stress.

It’s worth mentioning that the Nominet survey was conducted in 2019, before the COVID-19 pandemic. When the pandemic hit, the entire globe experienced higher stress levels, which led to significant declines in mental health. A scientific brief released by WHO in early 2022 showed that pandemic-related stressors led to a 25% increase in the prevalence of anxiety and depression throughout the world. Pew Research Center analysis showed that, by September of 2022, 41% of U.S. adults had experienced at least one instance of high-level psychological distress since the start of the pandemic. Most troubling, analysis from the Kaiser Family Foundation showed that suicide deaths increased sharply after the onset of the pandemic, with the number of suicide deaths in 2022 being the highest recorded up to that point.

Beyond the “normal” pandemic stressors that everyone was dealing with, those working in the technology field, including those responsible for managing cybersecurity or information technology solutions, were also facing widespread supply chain issues and talent shortages, as well as ransomware incidents and related costs that reached record highs.

A “State of Mental Health in Cybersecurity” survey conducted by Tines in 2022 showed that 26.8% of respondents reported that their mental health had gotten worse over the past year, and more than 50% of respondents had been prescribed medication for mental health purposes.

Fresh data on CISOs from a 2023 Cynet survey showed that the percentage of CISOs who said they were stressed at work rose to 94%. What’s more, 65% of respondents said stress negatively impacted their ability to do their jobs, and 74% had employees quit in the past year due to job-related stress.

These alarming statistics illustrate how significantly increases in stress levels can negatively impact mental health. That is important to understand if the expectation is to find solutions to the mental health issues with which so many people are dealing.

Encouraging Developments

It’s clear that employers will want to prioritize mental health moving forward. In addition to improving the experiences of their employees, it’s good for their bottom lines. “Addressing employee mental health is cost-effective for the employer and beneficial for the employee,” says Philip G. Levendusky, PhD, ABPP and Chief of Psychology Emeritus at McLean Hospital. “When employees receive effective treatment for mental illness, the result is lower total medical costs, increased productivity, lower absenteeism, and decreased disability costs.”

Hopefully, the future will see fewer instances of those standing in the way of a cybersecurity compromise having to compromise their mental health to do their jobs.

If you or someone you know needs crisis support, please reach out to the 988 Suicide &Crisis Lifeline by calling or texting the number “988.”