Are CISOs burning out faster than ever in 2025?

CSOonline.com reported that “With CISO tenures averaging just three years, many are questioning whether relentless stress, liability, and limited rewards are making the role unsustainable.”  The October 7, 2025 article entitled " Is the CISO chair becoming a revolving door?” (https://www.csoonline.com/article/4066101/is-the-ciso-chair-becoming-a-revolving-door.html) included these comments:

CISO tenures average three years these days, according to co-founder of cybersecurity recruitment firm Icebergs Tom Chapman and based on the candidates he has placed. In a profession where the stakes are sky-high and the fallout from a single mistake can be career-defining, it raises a critical question: are CISOs leaving faster than ever before, and why?

It does differ from industry to industry, according to Chapman who points out, for example, that a CISO at a startup, who most often wears multiple hats and oversees more than just security, tend to have a shorter stint of 18 months to two years.

He says the reasons vary, but burnout is often a common denominator. “In the startup space, it is very fast paced,” Chapman says. “There’s also often not a lot of systems in place already for CISOs to work off, so they have to build from scratch, and usually not with the largest budgets in the world. Startups often go, ‘Oh, we can just hire one person to do everything’, and then we’ll be secure. But that’s obviously not the case.”

Is anyone surprised?