Training and certification offerings are becoming less effective in helping organizations retain security employees, according to an ISACA report.
Nearly 70% of organizations say their cybersecurity teams are understaffed, according to an ISACA report released on Monday. The report reveals the difficulties companies face keeping their offices staffed with cyber professionals, as employees frequently switch to other companies that offer better benefits.
This problem isn't new, however, as 84% of cybersecurity professionals in 2018 said they hoped to switch companies by the end of the calendar year; and some 60% of IT security professionals last year said they wanted to quit their jobs. The main reasons cited at the time were inadequate pay and a lack of growth opportunities.
SEE: Information security policy template download (Tech Pro Research)
The ISACA report surveyed more than 1,500 cybersecurity managers and employees, determining that the negative sentiments of 2018 remain strong in 2019. The majority (82%) of cybersecurity professionals said they leave companies because of better financial or career incentives elsewhere, or a lack thereof at their current workplace, the report said.
While 57% of respondents said their organizations have offered more training as incentives to retain employees, 58% of individuals said their organization still has cybersecurity positions that remain empty, the report added.
"We're in a highly fluid environment where organizations are increasingly challenged by competitive forces," said Rob Clyde, board chair of ISACA, in a press release. "Creative and competitive retention efforts are more important than ever in the current environment, and organizations should make it a priority to identify ways to boost their cybersecurity teams."
The report outlined the top three reasons cybersecurity pros said they are changing jobs:
- Money (82%)
- Environment (57%)
- Promotion (46%)
Organizations can help retain this tech talent by increasing autonomy and flexibility for employees, which can help them maintain a healthy work-life balance. Promoting programs and missions for social good can also help employee retention by providing actionable, real-life agency to the projects they work on.
For more tips on how to solve the cybersecurity talent gap in your organization, check out this TechRepublic article.
The big takeaways for tech leaders:
- Most cybersecurity professionals (82%) leave their companies for better financial or career incentives elsewhere. — ISACA, 2019
- More than half (57%) of respondents said training wasn't enough to retain cybersecurity talent. — ISACA, 2019
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Phishing attacks: A guide for IT pros (TechRepublic download)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)