Story image

Open for opportunity: What's driving security pros to consider another job

12 Mar 2018

While the security skill shortage continues to bite, research from the United States and Canada suggests that 84% of cybersecurity workers are either planning a new job search or are open to new opportunities this year.

(ISC)² conducted a blind survey of 250 cybersecurity professionals as part of its Hiring and Retaining Top Cybersecurity Talent report.

Despite the small sample size, it found that workers are considering what other prospects are on the horizon.

Only 15% of employees say they have no plans to switch jobs this year; 14% plan to look for a new role and 70% are open to new opportunities.

The high demand for security skills may be motivating employees to look elsewhere, combined with misaligned expectations between workers and their organisations.

(ISC)² COO Wesley Simpson says the security workforce is experiencing rapid growth. Turnover within security teams is making the hiring process even more challenging.

 “It is more critical than ever for organisseations to ensure their recruitment and employment retention strategies are aligned with what cybersecurity professionals want most from an employer.”

Salary is not the top priority for cybersecurity professionals’ personal fulfilment. 68% want to work where their opinions are taken seriously and 59% want to work for an employer that adheres to a strong code of ethics.

Their professional goals vary: 62% want to work to clearly defined ownership of cybersecurity responsibility. 59% want an employer that views cybersecurity more broadly than just technology. 58% say they use network monitoring skills on a daily basis; 53% use security analysis skills; 53% use security administration skills and 47% use intrusion detection skills.

“Our study sheds light on what motivates cybersecurity jobseekers and what’s most important to them for professional and personal fulfilment. Armed with this insight, employers can do a much better job appealing to top cybersecurity professionals, and retaining their talent and expertise for the long term,” Simpson continues.

Employers also fail to impress cybersecurity jobseekers and current staff. Employers may not realise that recruiters are also aggressively pursuing their cybersecurity workforce.

13% say they are contacted ‘many times a day’ by recruiters, while 34% say it happens a couple of times a month.

Jobseekers say that vague job descriptions or ones that inaccurately reflect responsibilities; or job posts that ask for insufficient qualifications all demonstrate and organisation’s lack of security knowledge.

85% of security professionals would investigate a potential employer’s security capabilities before taking a job. 52% are likely to take a job with a firm that takes security seriously; and 40% will work with a firm that needs security improvements.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Norwegian aluminium manufacturer hit hard by LockerGoga ransomware attack
“IT systems in most business areas are impacted and Hydro is switching to manual operations as far as possible.”
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.