March 2, 2018 By Shane Schick 2 min read

Money takes a back seat to respect and empowerment when IT workers make decisions about cybersecurity employment, according to a recent survey. ISC2’s “Hiring and Retaining Top Cybersecurity Talent” report revealed that 84 percent of cybersecurity workers are open to leaving their current role this year, including 14 percent who are actively looking for new employment.

Respect Tops IT Workers’ Cybersecurity Employment Wish List

A skill set of such mission-critical importance is in high demand, but the survey suggested that many security professionals are ready to jump ship because their current employer doesn’t listen to them well enough. About half of respondents (49 percent) cited salary as an important consideration when looking for new cybersecurity employment, behind a strong voice within the company (68 percent), an opportunity to “protect people and their data” (62 percent) and adherence to a code of ethics (59 percent).

When security professionals decide to make the leap to a new firm, 62 percent want their employer to clearly spell out their cybersecurity responsibilities rather than weaving data protection into a more general IT management role. In addition, 59 percent of survey respondents said they wanted to work for a company that invests in security training and emerging technologies.

The Domino Effect of the Cybersecurity Skills Shortage

Other research has shown that the cybersecurity skills gap is contributing to job fatigue among established IT professionals. For example, 51 percent of organizations surveyed by Enterprise Security Group (ESG) said they faced a “problematic shortage” of cybersecurity skills in 2018, which is up from 45 percent in 2017.

This dearth of talent places an even heavier burden on experienced IT workers, which may be another factor that leads them to seek greener pastures. Sixty-three percent of respondents to the ESG survey said the skills shortage has increased the existing staff’s workload. Additionally, 41 percent said this has forced them to spend nearly all their working hours putting out high-priority fires, which contributes to rising levels of stress in the workplace.

Organizations can’t afford to lose their top talent. By focusing on ways to reduce the pressure placed on existing staff and tapping new pools of talent to fill the skills gap, companies can make strides toward fixing the issues that influence IT professionals to seek new cybersecurity employment.

More from

CISA hit by hackers, key systems taken offline

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) — responsible for cybersecurity and infrastructure protection across all levels of the United States government — has been hacked.“About a month ago, CISA identified activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses,” a CISA spokesperson announced.In late February, CISA had already issued a warning that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. Ivanti Connect Secure is a widely deployed…

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today