Longstanding talent gaps on the cybersecurity landscape have been compounded in the era of The Great Resignation. ISACA’s free State of Cybersecurity 2022 report shows most companies have significant work to do to find and retain the cybersecurity talent they need.
Sixty-three percent of respondents indicate they have unfilled cybersecurity positions, up eight percentage points from 2021. Additionally, 62 percent report that their cybersecurity teams are understaffed, and 60 percent of respondents report difficulties retaining qualified cybersecurity professionals, up seven points from 2021.
Retention has become a major sticking point for companies in most industries as the pandemic has paved the way to what has been termed “The Great Resignation.” In a cybersecurity context, that trend has been amplified by the availability of so many open positions.
According to the ISACA data, the top five reasons cybersecurity professionals are leaving jobs are:
- Recruited by other companies (59 percent)
- Poor financial incentives in terms of salary or bonus (48 percent)
- Limited promotion and development opportunities (47 percent)
- High work stress levels (45 percent)
- Lack of management support (34 percent)
Given the ongoing hiring challenges, many in the industry are calling for more flexible requirements for various open positions. Just more than half (52 percent) of respondents indicate university degrees are required for entry-level positions, down 6 percentage points from the year before.
As ISACA Board Director Rob Clyde wrote in a recent article for Infosecurity Magazine, “It’s incumbent upon CISOs and other security leaders to have proactive conversations with HR teams and hiring managers about not being overly prescriptive about experience and education requirements. Additionally, the industry needs to be intentional about creating job descriptions that appeal to a wide pool of candidates, including women and other groups that are traditionally underrepresented in security.”
Jonathan Brandt, director of professional practices and innovation at ISACA, and Mark St. John, senior vice president, product, at LookingGlass Cyber Solutions, will discuss these findings further in a free webinar taking place on 31 March at 12:00 PM (EDT)/11:00 AM (CDT)/9:00 AM (PDT)/4:00 PM (UTC). To register, visit https://store.isaca.org/s/lt-event?id=a334w000004gM03AAE.
For full study results, download the free State of Cybersecurity 2022 report at www.isaca.org/state-of-cybersecurity-2022.