Covid-19 And The Impact On Cybersecurity
There is no denying that Coronavirus (Covid19) has heavily impacted both our economy as well as our everyday lives. However, this post is not meant to rehash what has already been said in the news but rather to highlight the additional stress and pressure that this puts on cybersecurity professionals. Recently, our CEO Kris Rides spoke at Wild West Hacking Fest which was originally set to take place in San Diego but much like many conferences went virtual. The talk, which centered around recruiting and retaining cybersecurity staff, drew alarming statistics from ISACA’s annual State of Cybersecurity. These numbers show that CISO’s may have their work cut out for them when it comes to retaining staff and we do not think the current pandemic and any resulting downturn is going to bridge the skills gap.
Why CISO’s Are In A Difficult Situation
The findings from ISACA’s State of Cybersecurity 2020 show that the cybersecurity field faced many obstacles. The biggest of which revolve around the current skills gap and lack of staff retention. The study found that 62% of companies were understaffed and 57% had open positions. These numbers gathered are more noteworthy when you consider the fact that understaffed teams are likely to have experienced more cyberattacks in the past year. It’s no surprise that a cyber-attack leads to the fall out of stressed staff leaving and usually the budget / headcount they have been asking for is finally approved. With a field that is as important and demanding as cybersecurity, it is crucial that companies not only find capable staff but figure out a means to retain them. The study went on to show that retention is similarly an issue for most cybersecurity companies. According to the findings, 70% of respondents considered themselves to be “in play” for recruitment. If you are a CISO dealing with all of the pressure that goes along with that role, whilst the average position takes over 6 months to fill and statistically 7 out of 10 of your staff are looking elsewhere there should be no surprise that stress levels are high. This situation is compounded by the fact that this pandemic is forcing many companies to rush to remote working and add new software to their stack without following their usual plans are just adding to the pressure. Bad actors are of course taking advantage of the pandemic with targeted phishing attacks and malware laced covid-19 informational websites. There will be some sort of impact for all companies and we are already seeing headcount put on hold within cybersecurity teams but we expect once some of this uncertainty has settled many of these teams will get exceptions to hire. With all this going on will companies risk heavily cutting budgets to cyber security teams? We don’t think that this short-sighted approach will be common but no doubt some CISOs will end up as scapegoats of firms that work this way. A downturn isn’t going to bridge the skills gap but it is going to add additional pressure on cyber security teams so please keep an eye on your colleagues and provide the extra support they need.
What We Can Do And Our Stance
Tiro Security knows that with everything going on in the world, every single person is feeling its effect. We hope everyone stays healthy both physically and mentally during this time. Our CEO Kris Rides will be putting together some free videos focused on giving advice around recruitment and retention. Connect with him on LinkedIn, as he is always willing to try to help with retention issues whether you are a current client or not. Of course as a boutique cyber security recruitment company we hope your business will consider looking to us for assistance on your cyber security staffing needs.