South African chief information security officers are operating in a perfect storm. Machine-driven attacks, chronically limited budgets and a critical lack of cybersecurity professionals are combining to create an environment where burnout is fast becoming the rule, not the exception.
One of the most immediate stressors is the sheer volume of threats. Teams can spend up to 40% of their time on managing false positives, with analysts stuck in a loop of triaging alerts, many of which turn out to be noise.
Organisations have responded to this alert fatigue by layering on more point solutions to plug gaps. But each additional platform brings more alerts, more dashboards and more complexity. Tool sprawl creates operational complexity, and the mythical single pane of glass remains out of reach.
What’s more, the mindset in South Africa is still one of seeing security teams as cost centres rather than strategic enablers. When breaches occur, security is the first place for blame to land.
Research confirms the immense pressure CISOs are under. A survey conducted by the Chartered Institute of Information Security found that 55% of security professionals struggle to sleep well due to long work hours, with 39% sharing that the fear of suffering a cyberattack hurts their ability to relax at home. Gartner found 37% of security leaders faced unrealistic expectations and 62% experienced burnout at least once (44% multiple times).
Despite this bleak picture, the local industry has reached an inflection point. The key question now is whether local organisations can turn that inflection into a genuine pivot.
Tension
Looking at potential solutions, AI currently sits at the heart of a growing industry tension. On one hand, generative AI and automation are being weaponised by attackers, increasing the speed, volume and sophistication of threats. On the other hand, AI is also one of the few realistic levers security leaders have to scale their defences without adding headcount.
The promise of AI lies in its ability to tackle noise, fragmentation and cognitive overload, which are the most toxic drivers of burnout. By automating routine triage and integrating signals from e-mail, collaboration platforms and other security tools, AI can approximate the single pane of glass humans have been missing.
Read: Here comes the next wave of Chinese AI models
In our environment, we’ve seen a significant month-over-month reduction in ticket volume by using AI to handle customer requirements that previously required human intervention.
Security leaders need to treat their teams’ well-being as a strategic concern rather than a soft add-on.
It’s vital to take a human-centric approach, and this means measuring more than incident counts and mean time to respond. It means tracking retention, skills development and the mental health of the people who make the day-to-day risk decisions and deliberately designing AI deployments to reduce their cognitive load.
Also guard against trying to build everything from scratch. In a resource-constrained market like South Africa, the time to value for homegrown AI initiatives can be 18-24 months or more.
Working with partners that already have AI-driven human risk management capabilities as well as integrations into existing collaboration and communication stacks is the more pragmatic route. These can act as a “parent AI”, learning what normal and risky behaviour look like in a given organisation and providing a foundation from which more tailored, internal agents can later be developed.
Immediate steps
There is hope for overworked teams, and some immediate steps that can be taken:
- Firstly, scale with AI, not just people. Use AI to handle routine triage, false positives and cross-channel correlation so resource-stressed teams can keep pace with the volume and velocity of attacks.
- Secondly, reduce tool sprawl by prioritising platforms that integrate across e-mail, collaboration and key security tools. This creates something closer to a single pane of glass and cuts cognitive load.
- Lastly, make well-being a measurable priority. Treat analysts’ mental health, retention and skills development as strategic metrics, and design AI deployments explicitly to remove “low-value work” so humans focus on higher‑value decisions.
Read: What ordinary South Africans really think of AI
The only way that South African security teams can master this perfect storm and make exponential progress is by using AI to scale the work, and human‑centric thinking to protect the people doing it.
- The author, Heino Gevers, is senior director for technical support at Mimecast