The Bottom Line: Burnout symptoms in 67 percent of CISOs lead to alert fatigue and poor decision-making, compounded by regulatory pressure and personal liability risks under NIS2 and related rules.
Continuous workload from NIS2, DORA, and the EU AI Act drive cognitive exhaustion in security teams, resulting in critical errors. Rising CISO turnover rates leave gaps in defense architecture.
The European regulatory framework around NIS2, the Digital Operational Resilience Act (DORA) for the financial sector, and the EU AI Act has significantly increased requirements for risk analysis and incident reporting. At the same time, according to Splunk’s CISO Report, 78 percent of security leaders now fear personal legal consequences in the event of a critical incident—a marked increase compared to previous years. This liability anxiety is a major driver of psychological strain.
The problem is measurable in hard numbers: Nagomi’s CISO Pressure Index shows that 80 percent of surveyed CISOs experience high or extreme daily pressure. 67 percent report weekly or daily burnout symptoms. Nearly 40 percent are considering leaving the profession entirely. The consequence is a significantly elevated turnover rate—the average tenure of a CISO in European companies is between 18 and 26 months. These constant transitions destabilize security strategy and create gaps in defense architecture.
Cognitive overload manifests itself in concrete security errors. Security teams report alert fatigue: modern monitoring systems generate thousands of alerts daily, many of which are false positives—all must be manually reviewed and documented. Studies show that security teams spend approximately half their working time maintaining and tuning their security tools, not actively defending. Under chronic stress, analysts review complex alerts incompletely, close tickets prematurely, and approve risky exceptions under pressure from business units—a direct entry point for security breaches.
Source: www.it-daily.net · Published 30 June 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.2.