March 2, 2018 By Shane Schick 2 min read

Money takes a back seat to respect and empowerment when IT workers make decisions about cybersecurity employment, according to a recent survey. ISC2’s “Hiring and Retaining Top Cybersecurity Talent” report revealed that 84 percent of cybersecurity workers are open to leaving their current role this year, including 14 percent who are actively looking for new employment.

Respect Tops IT Workers’ Cybersecurity Employment Wish List

A skill set of such mission-critical importance is in high demand, but the survey suggested that many security professionals are ready to jump ship because their current employer doesn’t listen to them well enough. About half of respondents (49 percent) cited salary as an important consideration when looking for new cybersecurity employment, behind a strong voice within the company (68 percent), an opportunity to “protect people and their data” (62 percent) and adherence to a code of ethics (59 percent).

When security professionals decide to make the leap to a new firm, 62 percent want their employer to clearly spell out their cybersecurity responsibilities rather than weaving data protection into a more general IT management role. In addition, 59 percent of survey respondents said they wanted to work for a company that invests in security training and emerging technologies.

The Domino Effect of the Cybersecurity Skills Shortage

Other research has shown that the cybersecurity skills gap is contributing to job fatigue among established IT professionals. For example, 51 percent of organizations surveyed by Enterprise Security Group (ESG) said they faced a “problematic shortage” of cybersecurity skills in 2018, which is up from 45 percent in 2017.

This dearth of talent places an even heavier burden on experienced IT workers, which may be another factor that leads them to seek greener pastures. Sixty-three percent of respondents to the ESG survey said the skills shortage has increased the existing staff’s workload. Additionally, 41 percent said this has forced them to spend nearly all their working hours putting out high-priority fires, which contributes to rising levels of stress in the workplace.

Organizations can’t afford to lose their top talent. By focusing on ways to reduce the pressure placed on existing staff and tapping new pools of talent to fill the skills gap, companies can make strides toward fixing the issues that influence IT professionals to seek new cybersecurity employment.

More from

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today