AI Adoption Increasing Cybersecurity Burnout In India

A recent report based on a survey conducted among cybersecurity professionals has revealed that cybersecurity burnout has increased in India, with 95% of organisations surveyed experiencing issues in 2025 compared with 83% in 2024. This heightened stress is primarily driven by increased threat activity, pressure from boards and executive leadership, as well as cyber alert overload. 
 
The study—now in its fifth edition—was based on a survey of 926 domain experts in India and the larger APAC region and was produced by cybersecurity player Sophos in collaboration with Tech Research Asia (now part of Omdia).
 
The report also highlighted how AI is having a two-pronged effect on cybersecurity with AI-powered security tools helping to alleviate some of the issues associated with fatigue, while shadow AI use by employees is complicating cybersecurity efforts.

According to the report, burnout levels among cybersecurity professionals have risen year-on-year in India, with 95% of organisations surveyed reporting issues in 2025 compared with 83% in 2024. The severity of burnout has also increased, with 47% of organisations surveyed saying burnout is frequently experienced (up from 37% in 2024).

“The triad of increased threats, executive demands, and alert overload is making cybersecurity unsustainable for many teams,” said Aaron Bugal, field chief information security officer, APJ, Sophos. “This year’s findings reinforce what we’ve observed in the field: cybersecurity stress and burnout are more than just operational concerns—they’re cultural, strategic, and deeply human challenges. AI tools, when deployed thoughtfully, can provide relief by scaling operational capability and enabling faster incident response. But the surge of shadow AI—unauthorised, unregulated AI tools being used by employees—poses new risks that many organisations are not prepared for.

Encouragingly, the report also revealed that 87% of organisations in India now provide counselling to those experiencing stress and burnout, up from 74% in 2024.

"We’re witnessing a new era where security awareness must extend beyond phishing emails to include how people use and share sensitive data through AI tools. Governance and clear boundaries around AI usage are essential,” Bugal added. 

Business Impact Of Burnout
The report reveals that cybersecurity stress is not just a tech issue but a business one as burnout affects productivity, incident response, employee retention, and contributes to breaches.

According to the report, 97% of the Indian organisations surveyed are already using business AI tools such as ChatGPT, co-pilots, and agentic AI, and 92% have a formal AI strategy in place. Among those using AI in cybersecurity, the biggest benefit reported was accurate triaging and escalation of incidents, helping reduce stress and improving response speed.

However, 62% of respondents admitted to shadow AI usage—employees using unauthorised tools—while another 31% were unsure whether shadow AI was in their organisations. The lack of visibility into what tools are being used, what data they access, and which employees are using them is creating new risks.

Other Key Insights
Burnout effects performance: The top reported effects of burnout amongst Indian organisations are underperformance within IT and cybersecurity teams, slower incident response times, and growing cynicism and detachment from cybersecurity responsibilities.

Budgets are on the rise: 71% of Indian organisations surveyed plan to increase their cybersecurity budgets in the next year, with 30% increasing by 10% or more and 41% increasing by 5–9.99%.

Struggling on multiple fronts: Indian respondents say it is hard to keep up with the pace of cybersecurity threats, regulations and legislation are reactive and make managing cybersecurity more difficult, and they struggle to create a strong security culture across the company.

According to Sophos, these findings underline the need for robust AI governance frameworks that not only define policy but also enforce oversight, especially as AI continues to be woven into core business operations.