Is Imposter Syndrome Paralysing Cyber Security Professionals?



Are you a cyber professional plagued with self-doubt? You’re not alone. More than half of those working in the cyber security industry feel the same. A recent survey found that of the 10,400 cyber professionals questioned, over 58 percent admit to suffering from imposter syndrome despite working for major global companies like Facebook, Google and Amazon.

The question is why? Why is imposter syndrome felt by so many in the cyber security industry? And, what can be done to stop these professionals from feeling like frauds?

What is Imposter Syndrome?

Imposter syndrome is a psychological issue that most humans suffer from to some degree. It is defined as a form of self-doubt in which successful professionals believe they are a fraud and unworthy of their success. These professionals see their success as luck or an illusion, rather than being a reflection of their talent, work ethic and dedication.

Have you ever felt like you are undeserving or under qualified for your job? If yes, imposter syndrome may be to blame.

Why is Imposter Syndrome so prevalent in the Cyber Security industry?

Many highly successful cyber security professionals share this feeling of being a fraud. Despite what those outside of the cyber industry may perceive, the further these professionals climb in their career, the further they admit to spiralling into this imposter feeling.

Insecurity feeds intensely into imposter syndrome and as a highly competitive, fast paced industry it is unsurprising that cyber security professionals feel self-doubt. The competitive nature of working in cyber security does little to help.

Ego is another huge issue in the cyber security world. The very nature of the attack-defence culture drives this ego hierarchy where everyone is constantly competing and comparing. With this constant uncertainty and fear of judgment, professionals can end up operating in this constant cycle of self-doubt. 

Beyond insecurity, the cynical and critical nature of working in cyber security perpetuates imposter syndrome further. Cyber security professionals are expected to approach everything with a critical lens and whilst this approach is beneficial from a business perspective, when criticism leaks into personal critiques imposter syndrome is driven further.

Externally, the uncatchable pace of the technology and cyber industry intensifies the effects of imposter syndrome. Whilst this pace is driving businesses and cyber security professionals forward, it can become anxiety inducing when stuck in this catch-up cycle and some cyber professionals are left feeling inadequate, uneducated and professionally behind.

If imposter syndrome continues to plague the cyber security industry, the risk of burnout is intensified. In a time when companies are scrambling to find talent, the risk of losing their current cyber security employees to burnout is particularly worrying. A greater understanding of why imposter syndrome is heightened in cyber security is a starting point for businesses looking to address the issue.

Imposter syndrome is by no means exclusive to the cyber security industry. And, whilst cyber security does not have a monopoly on the issue, it is undoubtedly growing with more cyber security professionals sharing their imposter syndrome struggles. Tackling the issue requires a balance of employer attention and support, and personal efforts by cyber security professionals. These efforts need to focus on shifting perceptions, recognising the expertise you have and accepting that perfection is impossible.

Even still, imposter syndrome will be difficult to completely eliminate. Rather, it is more realistic for those working in cyber security to improve their awareness to what imposter syndrome exactly means and how to best move through any of those fraudulent feelings.

Imposter syndrome is not a new issue or an isolated issue, but for the cyber and wider information security industry it is an issue demanding closer attention. Companies and cyber security professionals need to address the prevalence of imposter syndrome. Without attention the possibility of improving the talent shortage and catching up to cybercrime will remain firmly out of reach.


Back to article list