Enterprises are still recovering from the effects the COVID-19 pandemic and the Great Resignation have had on their workforce, and those in security roles may be feeling overwhelmed in their current positions. The State of Pentesting 2022 report from Cobalt details the difficulties those in cybersecurity are feeling due to labor shortages and burnout from their jobs.
Of the 602 security and development professionals surveyed, 54% said they currently want to quit their jobs due to overwhelming amounts of responsibilities and workforce shortages within their departments.
The security field is feeling the effects of talent shortage
Cobalt has found as part of its study that the lack of workers is plaguing those in the security field for a number of reasons. For one, within the cybersecurity division, the numbers are fairly bleak when it comes to lack of employees. Of those surveyed, 45% said their department is currently experiencing a shortage of employees. In addition, nearly all (90%) of those who have suffered from this talent deficiency said they are struggling with the amount of work currently being assigned to them, leading to a large swath of employees feeling burnt out. Teams in this sector are reportedly not able to fix or prevent the same vulnerabilities for at least the past five years in a row due to this dearth of talent.
SEE: Google Workspace vs. Microsoft 365: A side-by-side analysis w/checklist (TechRepublic Premium)
Another drawback for those in these roles is the feeling that decision makers are not providing teams with the resources they need to be successful. A handful of employees within security teams are being asked to take on a number of different tasks simultaneously, and simply cannot shoulder the amount of responsibility that was once handled by a larger workforce. Of the respondents, a whopping 94% said they have been negatively impacted by the lack of employees. Eleven percent of those in the field responded they expect to experience the same talent shortages in the future, and 38% said they had to deal with it in the last six months, but have been able to put a stop to it for now.
Due to the deficiency of security professionals, multiple areas are suffering when it comes to these effects. According to Cobalt’s study, the most affected areas are:
- Compliance to cybersecurity frameworks
- Supporting secure development
- Risk governance
- Maintaining critical security infrastructure
- Employee training
As the frequency of malware and ransomware hacks increase, it is imperative that businesses do what it takes to resolve these issues before attackers begin targeting their organization.
What businesses can do to offset resignations
To help with counteracting the talent shortage in security positions, Cobalt as three tips for organizations moving forward:
- Put employee development first
- Keep recruitment simple
- Streamline your onboarding
Making adequate concessions for employees could lead to greater amounts of retention, as many employers are reactive instead of proactive when it comes to their workforce. A large amount of the time, businesses only offer pay raises or additional benefits when an employee puts in their resignation notice. Providing competitive pay and benefits to employees ahead of time may encourage workers who want to stay, but largely feel that added compensation can only be earned outside of the organization. Additionally, 59% said their enterprise needed to place a greater emphasis on personal and professional development if they wanted to retain members of the workforce.
SEE: Top keyboard shortcuts you need to know (free PDF) (TechRepublic)
Of those who responded to Cobalt’s survey, 47% in the security field indicated that it was “slow and challenging” to bring in new employees to fill open roles. Inefficient recruitment processes can make this procedure even more difficult, so it is important that those in the hiring team are reviewing their steps and considering streamlining their tactics. Making sure the candidate has the requisite skills is obviously paramount, but by reducing the number of interviews or assignments for potential employees, the hiring process can be more effective and efficient.
The onboarding process can be a difficult one, as 70% of respondents said it takes at least three months to fully onboard a new hire. This can put a great deal of undue stress on the hiring team with the number of roles that must be filled. One suggestion is for hiring teams to consider pre-recorded training sessions that apply universally to speed up the onboarding process and allow the hiring team to get back to what they do best.