Skip to content

Listen Up: CISO Burnout Is Tough – Not Talking About It Is Tougher

On a new episode of Focal Point’s award-winning companion podcast, Let’s Converge, former Levi’s CISO Steve Zalewski gets real about the new demands on chief information security officers and the aha moments that can determine their survival in the job.

Perspective

This week we’re talking CISO burnout, the mounting stressors for these vital security professionals – SEC ring a bell? – and how they need to flip the perspective on their role.

Maybe you feel a lot of pressure in your job. For chief information security officers, the heat turned up to SCORCHING last year when the U.S. Securities and Exchange Commission, for the first time ever, brought charges against a CISO in connection with a cybersecurity incident. That kind of scrutiny, plus the increasingly challenging attack variables propelled by AI and the new generation of cybersecurity tools (also propelled by AI), have driven an alarming spike in burnout rates and mental health issues.

Steve Zalewski has been there.

The future of IT and security is autonomous. But most organizations don’t know which manual processes are easy to eliminate. This is where you start.

When he was CISO at Levi Strauss, he’d be on alert 24/7, get woken up at all hours to solve cyber issues, deploy the appropriate technical tools, then try to get back to sleep – all to secure the legendary jeans company. He jokingly says his job was to “inflict friction in a perfect business process to make it inefficient, in order to stop attacks.” He knows that’s the common misperception other employees grumble about, and he’s done his fair share of grumbling too. He burned out multiple times – and left the profession.

Now head of cybersecurity advisory S3 Consulting, he sees how the expectations of the CISO have become even more demanding: They’re now being held accountable from an executive risk perspective, so they need to rethink their job in terms of business impact, he says. (In his case at Levi’s, how could he help them sell more jeans?) “That’s an aha moment for a lot of people to now realize what it means to have a business-risk conversation and position your security program as that component.”

[Listen to the full episode: Ep. 15 – It’s Tougher Than Ever to Be a CISO, and It’s Time to Admit It]

He’s open and willing to talk about the brutal truths. And yet he still remains upbeat. “When you hear this, don’t think, ‘Wow, why would I ever want to be a CISO?? It’s the best job I’d never want,’ but rather, ‘This can be incredibly satisfying, personally and professionally, and we are going to figure this out.’”


FOR MORE EPISODES

By tuning in to Let’s Converge,you’re joining a community of like-minded individuals who are passionate about cybersecurity. We’ll drop a fresh episode every week – and at just 20 minutes or so, it’s easy to stay informed without hours of listening.

Anne Torpey

Anne Torpey is a veteran writer, editor, and word-wrangler who's worked for a bevy of world-class media outlets and legendary brands, including Vice Media, Rolling Stone, W, New York Magazine, Adweek, Porsche, The Ad Council, and McKinsey & Co. Her dad taught her the power of words, and she tries to use the best ones every day.

Tanium Subscription Center

Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.

SUBSCRIBE NOW