- Join BJ's Wholesale Club for $20, and get a $20 gift card: Deal
- Delivering better business outcomes for CIOs
- Docker Desktop 4.35: Organization Access Tokens, Docker Home, Volumes Export, and Terminal in Docker Desktop | Docker
- Cybercriminals Exploit DocuSign APIs to Send Fake Invoices
- Your iPhone's next iOS 18.2 update may come earlier than usual - with these AI features
Forrester Predicts Mass Cybersecurity Brain Drain
Analyst house Forrester has warned of a significant exodus of cybersecurity professionals from the industry due to stress, burnout and limited career progression opportunities.
In its 2022 predictions report for cybersecurity, risk and privacy, the firm said as many as a tenth of professionals could head for the exit.
Some of this may be part of what’s being dubbed the “Great Resignation” — a period of post-pandemic reflection leading many individuals to change career paths.
Forrester also pointed to a Chartered Institute of Information Security study from last year, revealing that 54% of respondents had either left a job due to overwork or burnout or have worked with someone who has.
A more recent study from the same organization claimed that over half (51%) of cybersecurity professionals are kept up at night by the stress of the job.
The latest figures from ISC2 out this week actually revealed a drop in the global shortfall of cybersecurity professionals for the second year in a row. However, the group also warned that the size of the workforce is still 65% below what it needs to be, with demand growing everywhere but APAC.
For 2022, Forrester also predicted that 60% of security incidents would result from problems with third parties as supply chains expand to help firms better manage risk and plan contingencies.
To help mitigate these challenges, organizations will increasingly embed cybersecurity policies into third-party contracts, the analyst claimed.
“Before signing new and renewing existing suppliers, organizations will demand policies embedded in their contracts stipulating that the partner assumes the risk of an intruder jumping from the partner’s to the organization’s environment,” it explained.
“Smaller policies reduce exposure for cyber-insurers, while also reducing the policyholder’s risk of working with new and existing suppliers with varying cybersecurity postures. Expect thorough scrutiny of your third-party risk program and supplier tiers if buying these policies.”