3 min Security

‘Most incident response professionals face mental health problems’

‘Most incident response professionals face mental health problems’

Most incident response professionals seek help for mental health problems, according to a new report from IBM Security. More than half experience stress and anxiety in their daily lives.

The Cybersecurity Awareness Month kicked off on October 1. Over the course of the month, EU and US security authorities organize initiatives to bring attention to cybersecurity issues, solutions and professionals. IBM Security took the occasion to publish a report on the mental well-being of incident response professionals.

The pressures of incident response

Cybersecurity is multidisciplinary. Defending an organization is not only about preventing attacks, but also about responding to attacks, also known as incident response. X-Force, a division of IBM Security, specializes in the latter.

IBM Security recently initiated a survey on the work and well-being of incident response professionals. The researchers spoke with more than 1,000 practitioners in various industries worldwide.

81 percent reported that the psychological pressures of work increase as the threat of ransomware grows. 67 percent experience stress and anxiety in daily life. Insomnia and burnout were among the consequences cited.

Cybercrime increases

X-Force employees are one of the first contacts that IBM Security customers talk to when things go wrong. The professionals negotiate with ransomware groups, lock down systems to prevent spread and take responsibility for malware removal.

The number of security incidents X-Force responded to grew by 25 percent between 2020 and 2021. Moreover, recent research from Check Point Software indicates that the number of network attacks increased by 50 percent between 2020 and 2021.

Organizations are struggling to find trained incident response professionals to keep up with the growth. According to 68 percent of those surveyed, responding to two or more cyber incidents at the same time is common.

Mental well-being

One-third of US respondents said that handling an incident takes an average of four to six weeks. A quarter described the first week as the most stressful and demanding. During this period, about one-third of respondents work more than 12 hours a day on average.

Most respondents receive mental health support to cope with the pressure. 84 percent report having access to resources for mental health issues. 64 percent seek mental health support because of the demanding nature of the job.


In the report, IBM describes a number of ways to reduce the pressure on incident response professionals. “Businesses can support incident responders by prioritizing cyber preparedness and creating plans and playbooks that are customized to their environment and resources”, the organization said.

“In addition, businesses can focus on testing their state of readiness through simulation exercises (such as pentests, ed). Not only to get a feel of how their teams will react under attack, but to provide opportunities to correctly integrate multiple teams that are engaged during a cyber incident.”