Skip to content

Cybersecurity Workforce Hiring and Retention Remain Difficult

Cyber workforce order doesn't solve the retention problem - FCW

A recent survey found that it is becoming more difficult to find and keep cybersecurity Cybersecurity Workforce. According to the ISACA research, 63% of polled security professionals said they have open positions. That represents an 8% increase from 2021. 62% of respondents state that their teams are understaffed.

These numbers are alarming in a world where threats are becoming more complex. More than 2,000 workers from around the world gave their perspectives to the seventh annual survey. Important trends in staffing, skills, resources, threats and security maturity are indicated by the results.

Cybersecurity Workforce: The Great Resignation

The fact that so many people have left the field of security is part of the issue with understaffed security teams. 60% of respondents, up 7% over the previous year, identified talent retention as a major issue.

According to the research, the following are the main reasons cybersecurity workers quit their jobs:

  • Recruited by other companies (59%)
  • Poor financial incentives, salaries, or bonuses (48%)
  • Limited promotion and development (47%)
  • High work stress levels (45%)
  • Lack of management support (34%).

Although many employees are leaving, 20% of respondents stated this often takes longer than six months to fill unfilled positions with qualified candidates. According to the survey, 63% of respondents say it typically takes more than three months to fill a position. As a result, talent is almost always in need. Employee attrition could result from this, which costs the business time and resources.

Filling the Skills Gap with Cybersecurity Workforce

After hiring security workers, companies then have to manage a skills gap, according to ISACA. Soft skills (54%), cloud computing (52%), and security controls (34%) are common skill gaps that respondents find in the market today. The most important soft skills, according to the study, were problem-solving (49%), critical thinking (56%), and communication (57%).

Interviewees stated they use more contractors and consultants and cross-train their employees to deal with these skills gaps. It is not surprising that many businesses choose managed cybersecurity services given the talent shortage.

No Degree Required

Employers used to favor university-educated security workers when hiring. In contrast to 2021, fewer respondents (52%) now say they are necessary.

One of the causes of this trend is the tight labor market. The expansion of educational opportunities outside of universities and the rise of self-taught workers may also be contributing factors.

Willing to Pay the Price

The ISACA report also shows that more businesses are prepared to set aside funds to support cybersecurity workforce initiatives. 42% of respondents, the highest number in eight years, believe their cybersecurity workforce budgets are sufficiently funded. 55% of respondents to the poll believe their organizations will raise their spending on cybersecurity.

We can only hope that increased funding, flexible hiring standards, and outsourcing security services will be sufficient to meet future security issues.

Want to know more about Cybersecurity? Visit our course now.


Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com