Why CISOs Are Walking Away Before the Job Burns Them Out
CISOs are leaving their roles in droves, overwhelmed by expanding responsibilities and increasing stress. As cyber risks grow, the question is whether this turning point role needs a complete overhaul.
Chad Kliewer knows stress better than most. As the head of information security at a hospital, his hair didn't just gray, it fell out. Waking at 3 a.m. because a doctor couldn't send a scan due to an internet outage was routine. The pressure was immense, leading to panic attacks.
The CISO Exodus
It's not just Kliewer. Chief Information Security Officers (CISOs) are quitting left and right. Their average tenure is just 18 to 26 months, a stark contrast to nearly five years for other C-suite positions. The burnout is real, and so is the desire to leave. Surveys show half of them find their roles unmanageable. Seventy percent are ready to jump ship within a year.
Why? The job's demands have ballooned. CISOs must bridge technical know-how with business savvy, juggle regulatory demands, and face board members who speak a different language. All while managing security risks and being held personally accountable for breaches. The challenge is enormous.
The Role's Unbearable Weight
Cybercrime's predicted to cost us $12 trillion by 2031. That's double from 2021. CISOs are the frontline, yet there's not enough of them, especially for small and medium-sized businesses. They're expected to be operational wizards, strategists, and diplomats. It's a heavy load.
As Martin Whitworth, a retired CISO, puts it, "That's enough to burn anyone out." Isn't it time we rethink this role?
Change Needs to Happen
Some are advocating for the CISO role to split. The technical and business aspects are distinct enough to warrant separate leaders. Eighty-four percent of CISOs agree. It's time to stop overloading a single person.
Some companies are already hiring Chief Trust Officers to handle the business side. CISOs stick to cybersecurity. But is that enough when the risks and responsibilities keep piling up?
Several high-profile CISOs have left, opting for less stressful careers. As Kliewer reflects on his journey, he emphasizes that the stress isn't worth it. In the age of AI, cybersecurity's importance can't be overstated. But who's left to guard the gates? And will companies step up to ensure their CISOs aren't just next in line for burnout?
Get AI news in your inbox
Daily digest of what matters in AI.