How staff training can help solve burnout in cybersecurity

Every day is the same. Wake up, drink coffee, and sign into the madness. You squint at the screen like Clint Eastwood in an old western, working your way through the tickets. After the hundredth one, your brain is fried, but you can’t let your guard down. Each one is a potential landmine, and you’re the first line of defense.

Then, CrowdStrike delivers the bad news: you’ve had a breach by an APT. Nerves shot, your coffee goes cold as you try to both contain the threat and collect as much data as possible. It’s time to go home, but there’s nobody to replace you, so you keep working.

Just one more hour, you tell yourself—for the seventh time. There’s a message from your family, asking if they should put your dinner in the fridge.

The dust settles. Everything’s still intact, but the bad guys exfiltrated a ton of customer data. They’re unlikely to be caught, so it doesn’t feel like a victory. The next day, as you pore over a new flood of tickets, you wonder how you could have stopped them sooner.

Is this what being in cybersecurity is all about? Maybe there are other career options…

Chasing the red dot, but never catching it

If you’re trying to reduce burnout (and by extension, turnover) in your team, one of the things you should do is think about how often your staff get a win, and then try to give them these opportunities.

Victory is elusive in cybersecurity. There’s an imbalance of power: defenders need to be perfect everywhere at all times, but threat actors only need to succeed once. Even post-breach, when your team does everything right, the bad guys often still get away. 

The result? Between the lack of closure and false positives, your team can become frustrated, anxious, and disillusioned. 

All the perfect conditions for burnout. 

I attended a great seminar at RSAC by the CISO of FirstBank, Brenden Smith, on this very topic. In it, he likened the whole situation to a “dog chasing a red dot.” (Note: It’s well worth a watch.)

“The dog gets into this position where it’s chasing and hunting something, and it never gets that conclusion,” Brenden said. “It just disappears, and it leaves them in a really high anxiety state.”

“I think unintentionally, a lot of our teams get forced into that same kind of mindset… That’s not to say our teams are dogs! But they are always chasing that threat, seeing a lot of false positives, and it creates a state of high anxiety for our employees.”

One of the ways Brenden suggests to deal with it? Give your team the right learning opportunities.

1. Red team testing can build your team’s morale

Red team testing can be more than a way to identify vulnerabilities in your infrastructure—it can give your team a chance to be successful. Unlike a real incident, the imbalance of power is removed. The defenders know there’s a test going on, a threat actor they can chase, and there’s an actual conclusion at the end.

“They may not know what the red team is up to, but it gives them the opportunity to pursue that threat and have that win,” Brenden said. “And that helps them alleviate some of that stress.”

But while continuous red team testing can improve both team morale and your controls, it needs to be used in moderation.

“You do have to be careful with this, and pace the testing so it’s balanced with burnout,” Brenden said. “For example, if my teams were up last night… I’m not going to have the red team go really hard (at them) today.”

The key is to have an ongoing dialogue with the red team so they know how defenders are going from a capacity perspective, and planning any major simulations for quieter periods.

2. Educational opportunities can turn learners into heroes

You can’t change the past. But through education, your staff can learn about a tool or technique they could use to prevent it from reoccurring. That can turn a loss into a lesson and also serve as a reward for dealing with an incident, according to FirstBank’s Director of Security and Information Management, Emy Dunfee.

“We are in an industry where you could spend your entire time in professional development opportunities if you so choose,” Emy said. “And leveraging some of those professional development opportunities as acknowledgement and growth opportunities for your employees is a very easy way to help manage that burnout.”

Emy said it’s about looking for opportunities where there’s something that needs to be learned from a particular incident and you would like them to grow their knowledge or experience. That can make them feel like they’ve grown from that experience.

“It is very easy to send someone to a webinar or a training class. Not everything has to be a multi-thousand-dollar conference attendance,” Emy said. “There are many conferences that will offer a virtual option that is either free or much cheaper.”

Better still, the employee who learns the information can feel like a hero, bringing back their learnings to the team and feeling a sense of accomplishment in making the business safer.

But what if there’s no learning opportunities that match the past incident? 

3. Learning opportunities help staff pursue their passions and show your investment

If you want to give your employees learning opportunities to reduce burnout, here’s some great news: it doesn’t need to be related to their current role, or even the incident in question.

Why? Because no matter what they learn and share, they’re still the hero who’s helping make the business better, and it helps break up their everyday routine. Whether it’s mastering a new detection technique or improving response time through automation, the method doesn’t matter, only the momentum.

“Maybe you have an employee who’s super interested in learning how to code, or is interested in learning about a new type of cyber innovation. Anything they’re interested in, you should really leverage these opportunities (as a leader),” Emy said. 

“It sort of balances that burnout, since they’re still getting to learn things, spread their wings, and advance their knowledge, and not feeling like they always have to just sit and be a keyboard warrior.”

Emy said that as a leader, offering your staff these learning experiences reinforces that you're also dedicated to them as a long-term employee, and not just as someone there to process tickets.

Conclusion

If you’re looking to reduce burnout and turnover in your cybersecurity team, consider using a mix of red team testing and providing them with education opportunities. There are easy, low cost learning options that can build staff morale, break up their routines, and show your investment in them as a leader. It’s also win-win, as the business benefits from this upskilling.

That’s not to suggest education is the magic bullet for solving burnout on its own, but it is a powerful tool to do it. You should also consider other proactive strategies such as:

• Implementing the right tools and technology to help reduce workload.

• Prioritizing task management and realistic workloads for your staff.

• Finding opportunities to highlight the great work your team does with senior leadership.

• Fostering a supportive environment with blameless postmortems.

• Implementing a flex time policy to acknowledge time away from non-work priorities.

• Making sure your team is well versed in risk acceptance to reduce frustration when security concerns clash with business realities

Cybersecurity is a high-stakes profession, but it doesn’t need to be one that leads to burnout.

Looking for educational opportunities for your team?

Pluralsight is a technology skills development platform given the highest possible score in the 2025 Forrester Wave™. Show your investment in your cybersecurity staff by giving them access to  6,500+ tech courses and 3,500+ hands-on labs. With Pluralsight, they can pursue their passion—whether it’s in cybersecurity, cloud, AI, software development, or building up their soft skills. It also has popular courses such as "How to recognize, prevent, and manage burnout" by Barry Luijbregts.

Help your team beat burnout by breaking up their day with Pluralsight's expert-led learning opportunities. Click here to learn more.