10th May 2024
3 Min Read

Three ways employee wellbeing can compromise cybersecurity

Frazer MacRobert
Frazer MacRobert
IC & Engagement

Cybercrime will cost $10.5 trillion by 2025 – that’s the prediction of an eSentire cybercrime report. And when up to 95 per cent of data breaches are caused by human error, wellbeing is at the core of your cybersecurity defences.

Burnt-out employees are 50 per cent more likely to make mistakes.

Our mental wellbeing influences behaviour and decision-making skills. People struggling with their mental health are 13 per cent less productive and don’t always make the right choices – the safe and secure choices. When this falters, so does the cyber defence of your organisation.

So when we talk about cybersecurity, employee mental health and wellbeing is key to the conversation. And everyone has to play their part, not just your specialists – you’re only as strong as your weakest link.

Here’s three ways the mental health and wellbeing of your people can compromise your cybersecurity:

#1. Stress and burnout

Cybercriminals prey on psychological weaknesses. They create stressful situations that lead us to make the wrong choices – such as an urgent request, seemingly from your CEO. Time constraints can panic us, making us more likely to have poor judgement.

This is bad enough without considering that we’re already stressed at work, which compounds the effectiveness of these scam tactics. Headspace’s sixth annual Workforce State of Mind report found that 86 per cent of workers experienced moderate, high or extreme stress in the past year.

Additionally, research on organisational stress shows that excessive workloads, mismatched values, inadequate rewards, community breakdown, unfairness and insufficient autonomy all contribute to burnout. And there’s a cost too: $322 billion every year due to turnover and lost productivity. However, this figure would be much bigger if you factored in potential cybersecurity mistakes caused by stress and burnout.


Cybercriminals apply the pressure – so relieve the pressure on your employees by protecting their wellbeing. If everyone manages their emotions before making decisions, we’ll make better, more informed choices. It only takes one mistake to compromise an entire organisation.

#2. Anxiety and fear

When facing cybersecurity threats, there’s a lot to worry about – and that can impact decision-making. News outlets spew headlines of million-dollar deep-fake scams and voice-cloning deception, and these stories are scary. So be empathetic to how this fearmongering can affect your people.

The thought of your private, sensitive data getting hacked and leaked is terrifying – like the recent 23andMe data breach. Wellbeing is fragile in such a harsh landscape, yet another reason to protect it.

Heightened anxiety and fear can cripple your decision-making skills. You don’t want to be responsible for an attack so you might instead be overly hesitant with even the most basic decisions – such as answering an email, clicking a link or trusting that it’s really IT on the phone.


Invest in safe and secure digital channels, underlined by cybersecurity best practices, to protect your people’s ability to thrive in treacherous waters. And if they have concerns, listen to them.

#3. Distrust and uncertainty

Psychological safety in the workplace is built on trust. Without it, you’ll miss the issues and lose valuable talent.

Trust and cybersecurity go hand in hand as any delay in reporting mistakes can be disastrous. If someone causes a cyber-attack, then you can lose trust in that person. This can lead to distrusting leaders, holding grudges against colleagues or being suspicious of all digital communications to the point where you can’t navigate digital channels.

Your people need to feel comfortable reporting mistakes as soon as they see them – without fear of reprisal – to help stop data leaks, compromised machines and networks or any other nefarious activities before they happen. They also need to trust that their leaders and peers will support them and everyone’s working together against common cyber enemies – not each other.

After all, new scams are devilishly convincing and navigating the truth becomes much more difficult if your trusted systems are exposed as vulnerable. Trust takes time to build but can be lost instantly, so prepare your people for the harsh cybersecurity realities.


Lead with transparency and empathy, while reiterating that trust works in all directions. If something goes wrong, be open, honest and empathetic with your people. Your culture will be tested, and psychological safety will be critical to navigating a way forward.

The human firewall

Let’s be optimistic: big tech is in your corner and governance is becoming much stricter – for everyone’s benefit. Modern organisations are much savvier about culture, wellbeing and safety and there are many ways to protect and support your employees.

Your people are your first line of defence, your human firewall, so make sure you protect their mental health and wellbeing so they can continue to thrive. And rallying the team against cyber criminals is a much better lens than a box-ticking exercise to say you’ve watched some training videos.

After all, invest in your people, and you invest in the security and safety of your organisation.

Want more info on building your human firewall? Click here

More on this TopIC

The Point.

The latest thinking from the team, direct to your inbox.
We’d love to hear from you

01904 633 399

AWARDS BADGES Agency Business white

The Old Chapel,
27a Main Street,
YO10 4PJ


The Black & White Building,
74 Rivington Street,

© scarlettabbott 2024 Privacy Notice