The human cost of security incidents
The human cost following a major information security incident is often overlooked. If you would like to gain a greater understanding from one of the major incidents in the last 10 years[1], I encourage you to read Tarah Wheeler and Lord Alderdice's work ‘Cyber Collateral: WannaCry & the impact of cyberattacks on the mental health of critical infrastructure defenders’.
I recently came across the article and it echoes my assumptions working on the data protection side of security incidents. The negative impact on mental health is an often overlooked result of major data breaches and cyber security incidents at organisations.
It’s pleasing to see research into the mental health aspects of the information security field; it is likely one of the primary drivers for burnout and leavers in a field which suffers from a persistent talent shortage.
Wheeler and Alderdice’s work focuses on critical infrastructure incident response staff recalling a particularly stressful period. However, for small teams, or even teams of one, protecting entire organisations outside of the critical infrastructure industry, where protecting hundreds or thousands of staff and customer data is down to you, this reality is lived every day.
The authors interviewed responders to WannaCry and found that responding to major cyber attacks can have a significant impact on the mental health of responders, with reports of stress, anxiety, depression, sleep problems and feelings of helplessness, exhaustion, and being overwhelmed.
It isn’t just those who are directly detecting and eradicating threats that suffer from these negative effects, however. There are wider groups within organisations which are negatively affected: GRC staff need to meet regulatory reporting deadlines; the staff member(s) who caused the breach can suffer guilt, anxiety, stress, fear of losing their job and more; and teams who are impacted by outages can feel similar negative effects. How strongly those teams feel it is particularly dependent on the industry in which the impacted organisation operates: staff of charities are likely to feel it more than others because of the potential increased human cost, for example.
To end on a positive, actionable note, you can support staff who are part of incidents by:
- creating a supportive environment in which they can talk about stress,
- being conscious and understanding that staff are doing the best they can,
- encouraging (and ensuring) staff take breaks (including leading by example if you overwork yourself),
- exploring what your HR department can assist with or signpost staff to in terms of mental health resources offered by your organisation, or what you could do following a major incident, such as providing counseling or stress management training.
References
- Wikipedia (2023) WannaCry Ransomware Attack. [Accessed 12/05/23].