The Great Resignation and the Cybersecurity Industry
The Great Resignation and the Cybersecurity Industry
A report detailing the stress of those who work in the cybersecurity industry was released this month. The company Deep Instinct released The Voice of SecOps Report, a study focusing on the increasing and unsustainable stress levels among 1,000 C-suite and senior cybersecurity professionals across all industries and roles. The research found that 45% of respondents have considered quitting the industry due to stress, with the primary issues being an unrelenting threat from ransomware and the expectations to always be on call or available. Moreover, cyber professionals often take the fall for issues involving ransomware remediation, negotiation, and restoration efforts.
“In a culture of the blame game, the pressure of failure weighs heavily on security analysts. Visibility across the entire IT landscape is a challenge, leaving them blind to many issues. They are working over hours, sometimes 16-18 hours a day, to keep the organization secure and the responsibility to catch a misconfiguration or mistake by an employee clicking on a malicious link falls back on them,” said Deep Instinct Director of Product Solutions Karen Crowley.
This is on top of a sector which has continually struggled to maintain adequate staffing levels. “As in past years, filling cybersecurity roles and retaining talent continues to be a challenge for many enterprises” said the ISACA in announcing a new survey report titled “State of Cybersecurity 2022: Global Update on Workforce Efforts, Resources and Cyberoperations.” “Sixty-three percent of respondents indicate they have unfilled cybersecurity positions, up eight percentage points from 2021. Sixty-two percent report that their cybersecurity teams are understaffed. One in five say it takes more than six months to find qualified cybersecurity candidates for open positions.”
How to retain employees in the Great Resignation
Adapting to remote work
One of the greatest challenges for cybersecurity professionals is moving from working in the office to remote working. While the improved flexibility has been a silver lining of the pandemic for many, it has added another stress to those working in cybersecurity and ensuring their users were adequately protected while working from home. Overall, this has benefitted those working in cybersecurity as it has offered a larger pool of cyber talent since geography is not the consideration it once was. Kathryn Barnes, Employment Counsel EMEA at G-P expands, “it’s important to remember that today’s workplace looks very different to how it was pre-pandemic, with 98% of businesses now enjoying remote work of some variety. You get so much more out of your employees when they work flexibly, and as the workplace continues to evolve through 2022 and beyond, the biggest pitfall a company can make is not embracing change. Companies have already invested in online infrastructure that allows employees to work from anywhere, so I expect they will expand using these models, testing the market in new regions. Whilst staff shortages remain top of mind for employers, the talent pool is larger and more global than it’s ever been – people are no longer confined to looking for talent in just their immediate location. Ultimately, by being flexible and trying new approaches, companies can implement change for the better – in the best interests of their employees and business growth.”
Another key factor in retention rates is recognising the importance of personal development. “Research suggests more than ever that if employers are to retain their people that they have to look beyond the traditional loyalty drivers and focus on offering environments in which people can learn, grow and develop”, highlights Dave Birchall, Chief People Officer at Node4. “In order to keep pace with the growth of technologies, organizations must enable their people to explore career options and be supported to learn and develop without needing to look for a new employer.”
Automation is one way to manage the talent shortage as this can take care of the basic routine tasks. This helps the analysts work smarter and put their skills to good use wherever they are needed most. However, in the era of the Great Resignation, this model can be sustainable only if it is supplemented by talent nurturing, upskilling and reskilling strategies. All businesses are trying to fish for talent from the same pond so organizations should actively work on creating a skills pipeline for cybersecurity roles internally and investing in training and retention of the existing workforce. A regular rhythm of review and updation can be set for these specialized roles to increase the relevance and make it more fulfilling both for the employees as well as the organization
Employers have a responsibility to address increasing resignations in the cyber security industry. Creating the right environment is not a luxury when it comes to retaining staff, it’s a necessity. They should understand core leadership purposes and principles, ensuring they don’t simply assign tasks but also provide employees with the tools and support needed to succeed in the workplace.
“Good leadership focuses on breeding good culture. Employer brand, role and salary might be what attracts people to join an organization, but it is culture that makes them stay. Teams need to be made to feel comfortable, both physically and intellectually. Leaders need to build a supportive culture that rewards employees for engaging with the businesses,” Ilona Simpson, CIO of Europe, the Middle East and Africa (EMEA) at Netskope, staed, agreeing that high rates of employees resigning from security positions can have severe consequences for organizations.
“This certainly isn’t easy in the hybrid working world (and no one said it would be), but it isn’t impossible. I have always found the best security talent to be people who bring intellectual curiosity and a bias for problem solving to a team. So a simple step in those cases is to help rid them of admin work and let them focus on problem solving.”
The cybersecurity sector certainly hasn’t been the only one to face the effects of the Great Resignation. The hospitality and retails sectors have all faced a mass exodus of employees. It is important for all businesses to focus on how to obtain new staff as well as doing what they can to retain their current employees. Employers must now recognize that in order to attract and retain staff, they have to step things up a gear. For example, building a strong company culture with good benefits is key to creating a business that staff want to work for, creating a more open workplace or by improving staff mental health.
Monitoring Remote Sessions
With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review. Employers are concerned that in the event of a security breach, they won’t be able to see what was happening on users’ desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions or auditing for business protocols, etc.
TSFactory’s RecordTS v6 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.
Click here to learn more about secure remote session recording.
Sources
https://business.express/the-impact-of-the-great-resignation-on-cyber-security/
https://cybermagazine.com/cyber-security/what-can-be-done-about-great-resignation
https://virtualizationreview.com/articles/2022/03/24/cybersecurity-staffing.aspx
https://www.computerweekly.com/feature/How-to-retain-cyber-talent-in-the-Great-Resignation
https://www.bisinfotech.com/how-to-retain-cyber-talent-in-the-great-resignation-wave/
https://www.deepinstinct.com/news/the-great-resignation-reaches-the-cybersecurity-industry
https://virtualizationreview.com/articles/2022/03/24/cybersecurity-staffing.aspx
