UK cyber leaders fear sack as stress & burnout rise

New research suggests most senior UK cyber and IT professionals fear a serious security incident could trigger personal consequences, including losing their job.

A survey of 501 UK CIOs, security analysts and IT professionals found 84% worry a breach or incident could cost them their job at any moment. The findings point to a workforce under sustained pressure as cyber incidents remain common across organisations.

Stress levels

The survey found 59% of respondents said their teams suffer from high stress levels. It also found 53% struggle to switch off after work. Another 34% said they constantly worry about losing their job because one of their team makes a mistake.

The results add to a growing focus in the sector on retention and wellbeing, as security teams face expanding responsibilities and expectations. Many organisations also operate with limited headcount in specialist roles.

Incident experience

The research found 64% of respondents have dealt with a significant breach or data incident. It reported 20% experienced such attacks on multiple occasions.

The findings indicate that a large share of UK organisations in the mid-market bracket continue to encounter serious cyber events. The research covered organisations with between 100 and 2,500 employees.

Personal impact

Beyond workload and alert fatigue, the survey points to mental health strain. It found 27% had to spend time away from work because of burnout or anxiety.

It also found 10% had either been demoted, passed over for promotion, fired, or saw colleagues suffer the same fate. Another 14% said they were held culpable internally for the breach.

The findings also suggest some professionals reconsider their future in the field after major incidents. The survey found 17% thought again about whether to pursue a career in cyber protection. It also found 12% experienced a profound sense of isolation.

Kocho, a UK provider of cybersecurity, identity, cloud transformation and managed services, commissioned the research. The company works with mid-market and large enterprise clients across sectors including financial services, health, manufacturing and professional services.

"Cyber incidents are often discussed in terms of financial and operational impact, but the human cost is frequently overlooked", said Hannah Birch, Chief Executive Officer, Kocho. "The constant fear of a serious incident - and the personal consequences that can follow - creates an environment where anxiety and burnout are never far away, even when incidents are outside an individual's direct control."

Blame culture

The survey data also points to concerns about how organisations respond after an incident. Responses suggested some teams perceive an internal blame culture that places responsibility on individuals even when incidents stem from systemic factors.

That dynamic can shape how security leaders communicate risk to boards and senior management. It can also affect how teams approach decision-making during live incidents, where speed and accuracy matter and information remains incomplete.

Kocho said organisations should review how they support security staff during and after incidents. It also pointed to the need for both technical and psychological support mechanisms.

"Organisations need to think about how they support these critically important professionals and help alleviate the burdens technically and psychologically. Many are likely to have gone through very bad experiences, leading to absences from work and prolonged underperformance. Without support, severe depression can be one of the consequences." said Birch.

The survey was conducted by Censuswide in November 2025 and focused on respondents responsible for cybersecurity in UK organisations with 100 to 2,500 employees.