

Cyber-attacks continue to dominate headlines, disrupting operations and putting sensitive data at risk.
In the wake of the AI boom, threats are growing more complex. The endless game between attacker and defender is intensifying, and defenders know the stakes are high.
Security teams face a widening skills gap, growing threat complexity and tighter budgets. It’s a perfect storm for burnout. In fact, 79% of cybersecurity professionals reported that escalating threats are impacting their mental health, highlighting the need for an empathetic approach to these challenges.
Prevention as the shield, resilience as the backbone
Historically, organisations have measured cybersecurity success by how well they prevent attacks. But with 90% of IT and security leaders reporting cyber incidents in the past year alone, it’s clear that prevention alone is no longer enough.
It’s time to shift the focus towards recovery, transparency, and resilience. Resilience shouldn’t be seen as a fallback – it needs to become the frontline. This shift in mindset not only better prepares organisations for inevitable breaches but also reduces pressure on teams by redefining what success looks like.
When teams are judged on their ability to recover and minimise disruption (not just prevent attacks), they’re empowered to focus on what matters: early detection, rapid response, and recovery planning. This reduces burnout and builds a stronger long-term security posture.
We must also accept a hard truth: breaches will happen. Rather than fuelling a culture of blame, we need to equip teams to respond effectively and confidently.
Securing the security team with transparency
As ever, collaboration in a crisis is critical. Security teams working closely with backup, resilience and recovery functions are better able to absorb shocks. When the business is confident in its ability to restore operations, security professionals face less pressure and uncertainty.
This is also true for communication, especially post-breach. Organisations need to be transparent about how they’re containing the incident and what’s being done to prevent recurrence. Trust drives everything and must be built into architecture, communication, and response, from user behaviour to board confidence.
Shared risk, shared responsibility
As seen with the recent retail cyber-attacks in the UK, the implications of a cyber breach can be business critical. Yet many CISOs still struggle to get alignment at board level. Over three-quarters (77%) of UK CISOs feel that their IT budget is not completely reflected by their board’s objectives for cybersecurity.
To make matters worse, this is heightened when it comes to regulatory pressures. New legislation like DORA and the upcoming Cyber Security and Resilience Bill is turning up the heat, with over half (58%) of CISOs feeling the pressure as a direct result.
There is also an element of the blame game going on, with everyone keen to avoid responsibility for an inevitable cyber breach. It’s much easier to point fingers at the IT team than to look at the wider implications or causes of a cyber-attack. Even something as simple as a phishing email can cause widespread problems and is something that individual employees must be aware of. Security is everyone’s business – the attack surface isn’t just focused on IT, it’s every team, tool, and workflow.
This critical gap jeopardises not only an organisation’s security posture but also its ability to meet evolving regulatory demands. CISOs, boards, and other stakeholders must work together to ensure that cyber resilience priorities are clearly defined, adequately funded, and effectively implemented to meet the evolving regulatory landscape. The weight of responsibility for cyber security shouldn’t just lie on the security team’s shoulders. Cyber resilience is business resilience, and security leaders, boards and stakeholders all have a part to play.
Building teams that thrive
To build and retain a capable cybersecurity team amid the widening skills gap, CISOs must lead a shift in both mindset and strategy. By embedding resilience into the core of cyber strategy, CISOs can reduce the relentless pressure to be perfect and create a healthier, more sustainable working environment.
But resilience isn’t built in isolation. To truly address burnout and retention, CISOs need C-suite support and cultural change. Cybersecurity must be treated as a shared business-critical priority, not just an IT function. This means aligning investment with board expectations, embedding security into daily operations and ensuring every employee understands their role.
With regulatory pressure rising and the threat landscape evolving, resilience isn’t just a technical necessity, it’s a strategic imperative. CISOs who champion collaboration, drive cultural change, and lead with empathy will be best positioned to build security teams that are not only effective but built to last.
About the Author
Richard Cassidy is EMEA CISO at Rubrik. Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.