The Hidden Impact of Cyber Attacks on Mental Health

Florin Soltan
Florin is a Cyber Security Product Manager at Acronym. He helps organizations protect against digital threats by developing and implementing robust security strategies to safeguard sensitive data and infrastructure.
a person sitting on a chair using a laptop

The prevalence of cyber crime continues to grow exponentially

Are you fighting off the invasion of cyber attacks in what feels like a never-ending battle? Well, you’re not alone. Cyber crime is a serious, growing concern among companies and individuals as digital data is more exposed than ever. We find ourselves in a hostile situation of ever-evolving threats to data security with no end in sight. As soon as we install a reliable cyber security defence, sophisticated hackers figure out a way around it— requiring us to add yet another layer of security until we are at the level of “zero trust.” Having strict cyber security measures in place at work and in the home goes a long way to preventing a full-blown cyber attack from causing damage to one’s finances, reputation, and mental health.

Recent cyber crime numbers are rising, affecting millions of companies and people worldwide. Statistics show that:

  • Data breaches cost businesses an average of $4.35 million in 2022.
  • Around 236.1 million ransomware attacks occurred globally in the first half of 2022.
  • In Canada alone, just under one-fifth of businesses were impacted by cyber security incidents in 2021.

While these numbers are staggering, the global impact of cyber events is expected to keep skyrocketing, according to Statistica’s Cybersecurity Outlook.

Cost of Cyber Crime Worldwide

– The Latest 2023 Cyber Crime Statistics. AAG IT Guide, Updated May 2023.

The effect on individual victims can be long-lasting

While good cyber hygiene practices typically focus on computing devices and networks, the human factor is often overlooked. From the ongoing threat of ransomware attacks to phishing emails and viruses, we are constantly being bombarded by bad actors. Their goal is to catch us off guard as we grow weary in the daily struggle to mitigate risks of data breaches and personal identity theft.

The emotional and psychological impact on individuals following losses related to cyber crime can range from mild to severe and lead to symptoms of depression, anxiety, panic attacks, posttraumatic stress, and even suicide. Individual victims are left with scars from emotional trauma—e.g. a sense of violation, powerlessness, anxiety, depression, and eating/sleeping disorders. Survivors of cyber attacks can go on to experience lingering feelings of guilt, shame, and grief. They can also be left feeling robbed and afraid an attack will happen again.


The impact can be worse for IT security workers, who must directly deal with the fallout from aggressive cyber attacks and daily intrusions on top of their other duties. After all, IT typically has 100% responsibility for protecting an organization’s biggest asset—data. No wonder the looming risks associated with a breach are overwhelming, causing enormous stress from being on alert 24/7. There is a well-founded fear of not only data loss but also the damaged reputation of a company’s products and services as customers lose confidence following exposure. A state of helplessness is common since the perception is that no matter what you do, you will be hacked sooner or later. With an increasing skills shortage and the building pressure placed on already overworked IT personnel, mental health issues like burnout will only become more significant in the years ahead.

Thus, the pervasiveness of cyber attacks is taking a significant toll on personal well-being as we try to cope with the onslaught the best we can.

The importance of corporate awareness and protection

Cyber security stress is an industry-wide epidemic among security professionals. Burnout is a complicated conversation, but IT security leadership must face workplace stress before it compromises productivity, talent retention and individual well-being.

Fighting cyber crime starts with a secure IT environment to safeguard all digital devices and business-critical information—by implementing an end-to-end, zero-trust architecture, including multi-factor authentication, cryptographic protocols, and security standards and policies. However, the ultimate success of this effort depends on the people in charge of monitoring these protective measures. We are now learning that excessive work-related stress can potentially lead to errors in judgment.

One way to combat this fatigue is to spread the responsibility of cyber security among all employees. This can be accomplished via awareness campaigns to educate everyone about cyber risks and recommend best practices. An example is the popular slogan “Stop, Think, Connect.” Upper management can lead the way by:

  1. Creating a security-first culture: make it a top priority backed by enforced policies and guidelines that define expected behaviours and outcomes.
  2. Mandatory security training: reduce vulnerabilities and emphasize ownership by teaching everyone how to respond to a perceived cyber attack.
  3. Creating a disaster recovery plan: address safe data storage, backup, and quick recovery from a data-destructive event, assuring employees and customers that their information can and will be protected.

How do you protect your employees from the adverse effects of cyber attacks?

Since the COVID-19 pandemic, there has been a paradigm shift concerning employee well-being, e.g. being sensitive when they become ill or have to support family members during a crisis. This mindset now needs to extend to the mental and physical health of those employees exposed to and/or fighting off cyber attacks. Globally, according to Nominet, one-quarter of security leaders have physical or mental problems that directly result from workplace stress, and 17 percent of those surveyed have even turned to alcohol or medication to cope with job pressures. Flexible work schedules, backup staff, and health plans are just the beginning. Companies need to enhance HR benefits to focus on emotional well-being by offering programs that help workers monitor and reduce stress levels.

IT professional monitoring on an ipad

Self-care matters

Employees can take precautions into their own hands by maintaining a sense of equilibrium and work-life balance with a simple routine of self-care practices, such as getting enough rest, doing yoga and meditation, attending to hobbies/friends/family, and eating right, to name a few stress-busting strategies. In addition to company health plans, there are also convenient online therapy services designed for busy professionals. Taking time to recharge and seek help when necessary is essential to survive and thrive in the age of cyberattacks.

The benefits of a managed cyber security solution

A viable solution to the all-consuming demands of providing in-house cyber security coverage 24/7/365 is for companies to outsource all or part of their security program to an experienced, third-party team.

A managed cyber security solution can help minimize the human impact of cyber attacks. It can provide peace of mind with the most effective, state-of-the-art technology and augmented resources—so your team can focus on other high-value tasks, not just putting out fires. This approach also makes it easier to reign in traditionally exorbitant IT costs, eliminating the purchase and maintenance of ever-changing security tools and having to hire, train, and retain the expensive personnel needed to run it all. Finally, a trusted partner takes the worry out of maintaining compliance with strict cyber security rules and requirements in certain heavily regulated industries.

Getting to the root cause

Management must continue addressing the root cause of cyber security-related stress, burnout, and fatigue among employees to mitigate human error. While this is not a new phenomenon, the occurrences and consequences are mounting, pointing to the need for more human-centric solutions. This can include identifying high-friction areas that degrade human performance (including security fatigue, cognitive fatigue, decision fatigue, all the way up to chronic fatigue ) and implementing solutions to reduce risk. After all, it is this weakened mental state that cyber criminals are exploiting to gain access to sensitive and critical infrastructure.

Learn more about our featured solutions

Someone working to Secure corporate folders
Product Summary

Secure IT

Fully managed security solution designed to guard your network and entire IT infrastructure – including cloud resources and remote devices – from threats and attacks.

About Acronym

Acronym Solutions Inc. is a full-service information and communications technology (ICT) company that provides a range of scalable and secure Network, Voice & Collaboration, Security, Cloud and Managed IT Solutions. We support Canadian businesses, large enterprises, service providers, healthcare providers, public-sector organizations and utilities. We leverage our extensive network expertise to design and build customized, fully scalable solutions to help our customers grow their businesses and realize their full potential. With more than 20 years’ experience managing the communications system that enables Ontario’s electrical grid, Acronym is uniquely positioned to understand the mission-critical needs of any business to deliver the innovative and reliable services that respond to the changing demands of businesses, and support rapid growth and digital transformation initiatives.

Get our latest industry insights right in your inbox