- ICO Warns of Festive Mobile Phone Privacy Snafu
- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
Forrester Predicts Mass Cybersecurity Brain Drain
Analyst house Forrester has warned of a significant exodus of cybersecurity professionals from the industry due to stress, burnout and limited career progression opportunities.
In its 2022 predictions report for cybersecurity, risk and privacy, the firm said as many as a tenth of professionals could head for the exit.
Some of this may be part of what’s being dubbed the “Great Resignation” — a period of post-pandemic reflection leading many individuals to change career paths.
Forrester also pointed to a Chartered Institute of Information Security study from last year, revealing that 54% of respondents had either left a job due to overwork or burnout or have worked with someone who has.
A more recent study from the same organization claimed that over half (51%) of cybersecurity professionals are kept up at night by the stress of the job.
The latest figures from ISC2 out this week actually revealed a drop in the global shortfall of cybersecurity professionals for the second year in a row. However, the group also warned that the size of the workforce is still 65% below what it needs to be, with demand growing everywhere but APAC.
For 2022, Forrester also predicted that 60% of security incidents would result from problems with third parties as supply chains expand to help firms better manage risk and plan contingencies.
To help mitigate these challenges, organizations will increasingly embed cybersecurity policies into third-party contracts, the analyst claimed.
“Before signing new and renewing existing suppliers, organizations will demand policies embedded in their contracts stipulating that the partner assumes the risk of an intruder jumping from the partner’s to the organization’s environment,” it explained.
“Smaller policies reduce exposure for cyber-insurers, while also reducing the policyholder’s risk of working with new and existing suppliers with varying cybersecurity postures. Expect thorough scrutiny of your third-party risk program and supplier tiers if buying these policies.”