Cybersecurity leaders anticipate massive layoffs within the year – here’s why


Image: Getty Images/Maskot

Four in 10 UK cyber leaders say stress can push them to quit their job within a year, according to a new study. Combined with the ongoing skills crisis, mass layoffs could put many sectors in a precarious situation.

Cybersecurity services firm Bridewell surveyed 521 critical national infrastructure decision-makers across multiple industries, and found that 95% experience factors that make them likely to leave in the next 12 months. These leaders overwhelmingly attributed their desire to leave their position to two dominant causes: 42% say a cyber breach is inevitable and don’t want it to hurt their careers, and 40% say stress and burnout are a major impact on their personal lives.

Reasons for wanting to leave the profession vary based on seniority level, Bridlewell found. For example, C-level executives are more likely to fear a cyber attack, while those at executive level report higher levels of stress and burnout. Department heads are more likely to be forced to leave by unrealistic expectations, while managers are more driven by pay.

Cybersecurity burnout has been a concern for months, especially as ransomware threats hit record highs. Indeed, 72% of respondents say that cyber-attacks have increased since the Russian invasion of Ukraine, and 79% believe their operations will be significantly disrupted by ransomware in the next 12 months. In addition, 87% of respondents surveyed by Bridewell said they were afraid of losing their job as a result of a cyber attack.

SEE: Ransomware is the biggest global cyber threat. And the attacks are still evolving

The situation is exacerbated by the ongoing cybersecurity crisis. Many professionals lack the skills and qualifications needed to protect IT systems from security threats, especially since traditional security operations centers now require more than 40 different tools to ensure cloud and other system security – and these tools are available 24 hours a day. day-to-day supervision, as well as expert configuration.

Bridewell reports that 68% of leaders say it has become more difficult to recruit the right people to secure and monitor systems in the past 12 months, in part due to the high demand for cybersecurity professionals. Furthermore, 56% of respondents believe that the proposed regulatory updates around network and information systems are unfeasible – 55% are still trying to meet the original requirements.

SEE: Hacking Gets Dangerously Real: 8 Cybersecurity Predictions to Watch for

The prevalence of remote and hybrid workers adds another dimension to the cybersecurity skills crisis, as does the migration of data and applications to the cloud, leaving corporate networks and data more vulnerable to cyber-attacks. According to Bridewell, 28% of cyber leaders report that they don’t think they have the right skillset to secure a remote work environment — something that needs to be addressed urgently if companies want to evolve the workplace beyond the office.

In regards to efforts to reverse the cycle of employee burnout and retention within the industry, Bridewell CEO Scott Nicholson said employers should expand the scope of their workforce searches to other industries and professions. “The biggest trick organizations miss when it comes to closing the cyber skills gap is not hiring people from other disciplines,” Nicholson said.

“This only fuels the situation and means companies could be missing out on great candidates with transferable skills.”