Most UK IT and cyber people according to a survey fear a serious breach or incident could cost them their job at any moment.
Some 59pc of respondents say their teams suffer from high levels of stress, and 53pc say they struggle to switch off after work. A third (34pc) constantly worry about losing their job because one of their team makes a mistake. Most, 64pc have had to deal with a significant breach or data incident. As for the personal toll this takes is very evident, some 27pc say that they have had to spend time away from work because of burnout or anxiety. One in ten say they have either been demoted, passed over for promotion, fired, or saw colleagues suffer the same fate, while 14pc found they were held culpable internally for the breach.
The blame, sense of guilt or responsibility caused 17pc of those surveyed to think again about whether to pursue a career in cyber protection.
Comment
The survey was for Kocho, a UK Microsoft Partner. Hannah Birch, CEO at Kocho said: “Cyber incidents are often discussed in terms of financial and operational impact, but the human cost is frequently overlooked. The constant fear of a serious incident – and the personal consequences that can follow – creates an environment where anxiety and burnout are never far away, even when incidents are outside an individual’s direct control.”
“Organisations need to think about how they support these critically important professionals and help alleviate the burdens technically and psychologically. Many are likely to have gone through very bad experiences, leading to absences from work and prolonged underperformance. Without support, severe depression can be one of the consequences.”
About the research
Censuswide in November 2025 surveyed 501 UK CIOs, security analysts and IT people working for UK workplaces with between 100 and 2,500 employees.
Investment scams
A quarter of young investors admit to making impulsive decisions, to keep up with investment trends, often leaving little time to properly evaluate the risks, it’s claimed. Krisztián Gátonyi, from BrokerChooser, said: “Amid a sharp rise in investment scams, this behaviour is particularly dangerous – especially as fraudsters grow increasingly sophisticated in how they present themselves. With the rise of AI, we’re now seeing realistic fake websites, chatbot ‘advisors’, and even deep fake videos of celebrities endorsing bogus schemes. It’s becoming harder for even seasoned investors to separate genuine opportunities from high-tech fraud. A concerning new study reveals that participants were 22% more likely to invest in AI-enhanced scams than in traditional ones.
“While younger adults tend to feel more sure of themselves, some are still falling for red flags like promises of unrealistic returns, unregulated platforms claiming to be ‘pending approval’, or pressure to act fast. It’s critical that people learn to pause and verify.”
Spreadsheets
A disconnect is growing it’s claimed between how important spreadsheets have become and how poorly access to them is controlled. Most of the SMB employees surveyed (64pc) for a privacy software firm say they retain access to files they no longer need, often because off boarding processes fail to keep pace with workforce changes. Manual, link-based sharing remains common, increasing the risk of unauthorized access, data leaks, and GDPR non-compliance.
As spreadsheets evolve into systems of record, these access gaps carry serious consequences. Proton’s survey of 250 SMB employees in the UK suggests that spreadsheets are now routinely used for core business functions, such as project management.
Patricia Egger, Head of Security at Proton said: “Spreadsheets, like other critical tools used by SMBs, are often treasure troves of sensitive data — from financial and strategic planning information to HR and client data. Yet they’re often not handled as would other high-risk data. When someone leaves a company, access to shared spreadsheets is often nobody’s problem: links stay active, permissions aren’t reviewed, and data remains accessible without anyone noticing. This isn’t about bad intent, but everyday process gaps and manual offboarding that leave businesses unnecessarily exposed long after an employee has moved on.”
Personal and work accounts are mixing; or, some open work spreadsheets with personal accounts or access personal files on work accounts. The survey also pointed to confusion around cloud security and data use.
