Stressors, AI Forcing Changes to Cybersecurity Teams
Stressors, AI Forcing Changes to Cybersecurity Teams
https://www.darkreading.com/cybersecurity-operations/stressors-ai-changes-cybersecurity-teams
Publish Date: 2026-06-19 09:00:00
Source Domain: www.darkreading.com
Using an unordered list, summarize the following article with between 4 and 8 key points. Chief information security officers (CISOs) are faced with overwhelming workloads, the need to keep up with the changes wrought by AI, and fears of liability if they get something wrong — causing some to leave the industry.More than two-thirds of cybersecurity and IT professionals (68%) consider their job more difficult today than two years ago, with more than half saying that the complexity and workload have both increased (55%), and that cyberthreats have become more overwhelming (52%); that’s according to a survey-based report published by the Information Systems Security Association (ISSA) International and analyst firm Omdia. That has in part contributed to an exodus of full-time CISOs and an increase in part-time — or “fractional” — consultants, according to Shawn Murray former president of ISSA and a current fractional CISO himself. He adds that many say they do not have adequate support for their security mission.Related:Operation Escaneo Signals Shift in LatAm Threat Landscape”CISOs who have been in the business and have a 50-, 60-, 70-hour work week — they struggle with the things that are identified in the report, such as culture, business adopting technologies without strategic conversations, and getting the right stakeholders involved,” Murray says. “CISOs are starting to go out on their own and consult, and they’ll align themselves with organizations that are going to listen to them.”Interestingly, concerns over liability — driven by the prosecutions of the CISOs at Uber and Solarwinds — have subsided somewhat, with the issue not making it into the top reasons for CISO stress. However, the pressure of keeping up with security needs of the latest IT initiatives, particularly AI deployments, is making the role more stressful than ever, the survey found.CISOs Under PressureAI has indeed become a double-edged issue for CISOs. AI adoption, especially shadow AI adoption inside enterprises, has created even more headaches for cybersecurity management, says Melinda Marks, practice director for cybersecurity at Omdia.”We saw this with cloud adoption, where [employees] can just enable cloud security features and then they don’t tell the security team,” she says. “But then, when it comes to managing risk and responding to or detecting and responding to threats and attacks, then the security teams are at a disadvantage because they don’t have the full visibility or understanding of what security processes and tools are in place.” Full-time CISOs are down, while part-time CISOs surge. Source: Omdia/ISSAHowever, many CISOs are also looking forward to AI tools that can help them manage security and compliance-reporting workloads, the study found. The vast majority of cybersecurity and IT professionals want to use AI to make their job easier, with 37% currently using AI solutions to solve cybersecurity issues and another 46% planning on it. The most frequently cited jobs cybersecurity teams want to hand off? Automated cybersecurity assessments and software testing, predictive risk analysis, and threat detection, according to survey respondents.Related:EU Gets a Head Start in Developing 6G Network SecurityIn other words, a lot is changing, so it’s important for cybersecurity professionals to get up to speed on the best ways to use AI and how to make business use of the technology secure, says Alex Hutton, CISO at Atlantic Union Bank, a regional bank.”It’s hard to argue the job is getting easier,” he says. “Whether or not you believe that frontier AI is going to have that significant impact or not, the fact of the matter is this is not the same environment that it was two or three years ago — and that calls for education, it calls for information, and it calls for action. And all of those things are going to cause a little more stress on the job.”CISOs Not Likely to DisappearAs mentioned, the stress is certainly turning off some CISOs. The number of companies with full-time CISOs dropped to 63%, from 76% in 2024, while the use of fractional CISOs has increased to 15%, from 6% in 2024, according to the survey. That’s not a momentary blip, but a trend, says ISSA’s Murray. However, the market for strategic cybersecurity advice is also growing, he adds.Related:Segmentation Works for OT If Operators Are Paying Attention”We’re seeing medium- to smaller-sized businesses now having to demonstrate their cyber hygiene and a lot of it ties back to the requirement to have cyber insurance,” he says, adding that companies need deep knowledge to manage the process of certifying that the company meets insurers’ standards. “So that directly falls back on the CISO to provide that sound advice,” he says.Atlantic Union Bank’s Hutton sees the greater demand for such advice as the more likely reason for the shift away from full-time CISOs.”There is a huge portion of industry out there that has the same cybersecurity inherent risk and needs as those who have significant technology funding but just need somebody to help them out,” he says. “I think fractional and virtual CISOs are a great way to address that need and spread the cost around, but I am not seeing a decrease in CISOs. I don’t see any positions being eliminated.”
