Cybermindz warns mental health absences hit cyber staff
Cybermindz said more than 250,000 work days may already have been lost among cyber professionals in the UK, the US and Australia because of mental health-related sickness. Its own research suggests the true total across the sector could be far higher.
The estimate is based on published UK figures showing more than five million work days lost to mental health so far this year, scaled to a combined cyber workforce of more than 1.6 million people across the three countries. On that basis, Cybermindz estimates more than a quarter of a million defender days could be lost in 2026.
Early findings from the organisation's forthcoming research point to a worse picture, with the total number of lost days in the sector potentially exceeding 1.5 million by the end of the year.
The figures come as employers face persistent pressure to retain experienced cyber security staff while managing a steady stream of threats, incidents and compliance demands. Absence linked to stress, burnout and poor mental health can leave teams short-staffed and place extra strain on those still working.
Cybermindz surveyed 587 cyber security professionals on stress, sleep quality and burnout. Among them, 60.5% said they felt "used up at the end of the workday" daily or weekly.
That points to sustained fatigue in a profession where staff are often required to monitor threats continuously, respond to incidents outside normal hours and make rapid decisions under pressure. For employers, mental health concerns in these settings have become a broader issue tied to operational resilience as well as recruitment and retention.
Workforce strain
The cyber workforce figures cited by Cybermindz put the UK at 349,000 people, the US at 1.29 million and Australia at 146,000. Using those totals, the group argues that the burden of mental health-related absence in cyber roles may be materially greater than broad workforce estimates suggest.
Its comments also reflect a shift in how companies and public bodies discuss cyber risk. Alongside technology spending and skills shortages, there is growing attention on the human cost of constant alertness, prolonged incident response and the pressure of defending critical systems.
Peter Coroneos, Founder and Executive Chairman of Cybermindz, said the rise in sick days should be seen as more than a staffing problem.
"The surge in mental health-related sick days is not just a workforce issue - it is a direct indicator of capability degradation under sustained pressure. In cybersecurity, where defenders operate in a continuous threat environment, this trend translates into measurable risk: reduced vigilance, impaired decision-making and slower recovery during incidents. If we don't invest in sustainable mental resilience, we are effectively weakening one of our most critical lines of defence," he said.
Operational risk
The warning links employee wellbeing directly to the effectiveness of cyber defence teams. In practice, reduced concentration, slower judgement and exhaustion can affect how quickly analysts identify threats, escalate incidents and recover from attacks.
Cybermindz works with professionals who protect critical systems and services across national security, critical infrastructure, healthcare, education and government. Its work includes mental resilience programmes and research into the psychological pressures affecting the cyber workforce.
The organisation did not provide a country-by-country breakdown of the estimated lost days across the UK, the US and Australia. Instead, it presented a combined view of the cyber workforce in those markets and compared it with broader data on mental health-related absence.
Although the estimate is based on workforce scaling rather than direct absence records from cyber employers, it adds to evidence of strain in a labour market already facing shortages of experienced staff. For many organisations, prolonged absence in small security teams can quickly create gaps in monitoring, response and recovery.