Our IT Executive Roundtables are invite-only events hosted by peers for peers that bring together a select group of senior IT leaders from across industries for topic-driven, intimate dialog on current trends and topics. The group met remotely to discuss cybersecurity staff turnover and burnout led by the CSO of a leading American telecommunications company. This Session was sponsored by Swimlane.
Many organizations find it hard to build and mature their cyber programs because of the increased turnover and burnout of cybersecurity resources. What are some cultural and technological factors that contribute to this? More importantly, are there ways to improve cybersecurity staff satisfaction and retention?
At the start of the discussion, attendees were asked whether they were, or expect to be, under a hiring freeze. An IT Director said their department plans to hire 10-15 people because of newly passed legislation. A CTO added that even though they won’t be allowed to expand the IT department before next year, their company isn’t under a hiring freeze. A VP of IT remarked that they have such a lengthy and scrutinous hiring process that it’s sometimes hard to tell if a hiring freeze is active or not. A CISO chimed in to say that they have tripled in size in the last three years but have currently slowed down their hiring.
A participant shared that COVID created a lot of uncertainty within organizations. Employees were forced to work and collaborate remotely, which made them feel isolated and less connected to the brand. The lack of in-person meetings, water cooler conversations, and team bonding activities made them dissatisfied and demotivated. Turnover and burnout are especially high in cybersecurity departments because the demand for cybersecurity resources have? risen exponentially in the last few years. Today, every organization has a cyber program or is building one. The increasing contention for resources leads to understaffed and overworked cyber teams, susceptible to burnout and turnover.
Another participant talked about the gig economy and how it relates to employee turnover. The younger generation is always exploring avenues to move on and try new things. They don’t like to work at the same place for more than 2-3 years. As more and more companies go remote-first, people are no longer geographically constrained, which has made job switching more accessible than ever before. This paradigm shift has also changed hiring expectations. In the past, if your resume showed too many quick switches, it was considered a negative. Today, it’s not frowned upon.
A speaker exclaimed that it’s crucial to ensure that automation doesn’t create job security concerns within your workforce. It’s natural for people to think they will be automated out of their jobs, which may compel them to consider other opportunities. The goal of automation shouldn’t be to replace resources but to empower them to focus on higher-value items. If someone’s job has been automated, invest in upskilling them and offer them a different career path that makes them feel more valuable. Build an organizational culture that encourages automation to drive efficiency and productivity.
Multiple executives agreed that it’s important to periodically assess your tech stack and adapt according to changing market dynamics and expectations. A vendor can go from being a market leader to falling behind within months. Or they may get acquired, which may limit their ability to innovate. Fortunately, most SaaS products have subscription models, making switching easier. However, keeping user experience, adaptability, and business needs top-of-mind while replacing platforms is crucial. Don’t just switch for the sake of getting the new shiny platform. Before making an investment, ensure that it will act as an enabler for your workforce and will enhance, not hamper, their productivity.
From balancing security with user experience to ensuring scalability, integrating new solutions, and navigating compliance complexities, this Executive Roundtable offered a comprehensive exploration of the strategies and insights essential for safeguarding digital identities.
Multi-factor authentication (MFA) and one-time-passwords (OTPs) are being used to verify identities, some argue, at the cost of customer convenience. So how do you implement security controls for your customers without asking them to do too much?
The difficulty of juggling multiple tools manifests in increased complexity, soaring costs, and potential security vulnerabilities. Consolidation of these tools is essential and needs a process that requires strategic planning to reduce complexity and enhance efficiency.