Managing the Pressures of Being a CISO

Managing the Pressures of Being a CISO

Article - Security
By Josh Porter|18th December 2024

It should come as no surprise that being a CISO is tough. It’s a stressful job but that comes with the territory, right? 

At what point does it become too much? 

The trouble facing CISOs today is that their role is evolving as fast as the threats they tackle. New threats mean larger workloads and fresh obstacles. Meanwhile all the existing threats are still there. 

The average CISO is understandably running out of steam. 

At our recent Security Insights Summit, it was heartening to see attendees open up and discuss the pressures they face as security leaders. Here are some of their key insights.

The pressures 

Quite simply, the key pressure facing security leaders is the scope of the role, and number of stakeholders to manage.  

  • Incident response
  • Supply chain risks
  • AI risks
  • Threat detection
  • Training and education

The list goes on. 

Security leaders are being overwhelmed, resulting in the top priority becoming incident response and fighting fires. A simple solution would be increasing resources to spread the load, but as organizations tighten their belts, CISOs are being asked to do more with less. 

If that wasn’t enough, personal liability is the cherry on top. If a company suffers a cyberattack, it’s the CISO who takes responsibility. As we’ve heard time and time again, suffering a cyberattack is not an if, it’s a when. With that in mind, are CISOs doomed to a cycle of burn and churn every time the inevitable happens?

Lightening the load 

If you’re tackling a human problem, you need a human solution. To counteract the pressures of burnout, our attendees emphasized the importance of prioritizing the humans within their team. Speak with your teams, understand the challenges, and support each other wherever possible. 

In all the technical talk around security, it’ easy to forget a key component of being a security leader – relationship management. Taking stock of your relationships and communications will lead to a more intentional and resilient mindset. 

Setting boundaries 

With the constant threat of cyberattacks, it’s easy for CISOs to feel like they’re always on-call.  

Part of this comes from the narrative we set up around cybersecurity. When security experts are positioned as the organization’s defenders from attack, it’s understandable that they feel they should always be ready to fight the good fight. It’s precisely this personal responsibility that CISOs need to step away from. 

Setting boundaries is essential. Without boundaries, burnout becomes as inevitable as a cyberattack. 

Outside of the obvious mental health benefits, boundaries allow security leaders to think more considerately about their time and as a result, manage their priorities. 

 

“We need to move away from everything being a priority. If everything is a priority, nothing is getting done.” 

 – Rick Scot, SVP of InfoSec at BNY 

Mentorship and community 

A little support can go a long way. It’s impossible to set healthy boundaries in an organization that doesn’t respect and value their security staff. It’s a truth that bad leaders drive people to leave. Building relationships with business leaders and identifying security champions will help but, unfortunately, if the support isn’t there, you’re on your own. Literally. 

When support within your organization isn’t available, turn to the community.  

GDS is proud to provide a platform for our security community because we understand how vital it is. Information sharing, understanding the challenges of your peers, and offering mutual support will be the beginning of a better security industry. 

The evolving role of CISO 

Being a CISO is, and will continue to be, a difficult job. But don’t despair, there’s a brighter future ahead. As we continue to shine a light on the challenges of security leaders, we pave the way for better, more human leadership. 

With a growing need for authenticity and humanity in the workplace, today’s security experts are leading the charge. 

Join the charge at one of our upcoming security events where we’ll continue the discussion on navigating cybersecurity and business challenges in the modern era. 

By Josh Porter|18th December 2024
Back to insights

Related content

View all
Security
Article

Is Simplicity the Way Forward for Cybersecurity?

It’s no exaggeration to say the threat from cyber-attacks has never been greater. But instead of trying to secure everything, is there a simpler way?
4 minute read
Josh Porter
Find out more
Security
Article

Security Summit, Lisbon 2025 | Insights Report

Missed our recent Security Summit, or maybe just want a refresher? Here are all the insights from the main stage.
Adam Burns
Find out more
Security
Article

Chief of Everything – What Does it Mean to be a Modern CISO?

Today’s CISO needs to wear a lot of hats. With so much on one plate, it’s no wonder that CISOs are asking "are we chief of anything?"
4 minute read
Josh Porter
Find out more
Security
Article

Consolidating Cybersecurity: Is it Worth it?

Airtight cybersecurity is what dreams are made of. You just need to figure out how to get there. Consolidate? Or consolidon't?
3 Minute Read
Patrick Mclean
Find out more
Security
Article

The CISO’s Dilemma – Doing More With Less in Cybersecurity

The list of CISO priorities is growing. Host and editor Ben Thompson, asks: how do CISOs manage the pressure to be more efficient and effective?
4 minute read
Ben Thompson
Find out more
Security
Article

How Do You Balance Security and Agility While Staying Compliant?

If you're not compliant, you're at risk. If you're too focused on compliance, you slow down your ability to innovate. How do you strike the balance?
5 minute read
Josh Porter
Find out more
Security
Article

Cybersecurity in 2025: Challenges and Solutions

With the year ahead of you, now’s a better time than any to start rethinking your security measures.
3 Minute Read
Patrick Mclean
Find out more
Healthcare
Article

Healthcare: Staying Secure in 2025

For the healthcare industry making a robust cybersecurity strategy not just important but absolutely critical.
4 minute read
Patrick Mclean
Find out more
Security
Article

Building Operational Resilience in 2025

Hear from the experts on how you can prioritize your operational resilience for 2025.
4 minute read
Josh Porter
Find out more

Related events

GDS Roundtable Environment with host, Kristina
Security
Roundtable

Operationalizing Cyber Resilience Under Pressure

25 March 2026 12:00 pm - 1:30 pm GMT
Find out more