Enhanced Investments - Financial Portal

New Research from TechTarget’s Enterprise Strategy Group and the Information Systems Security Association Reveals Continuous Struggles within Cybersecurity Professional Workforce

Published: 2023-09-06 12:00:00 ET

The sixth version of the landmark global study shows escalating career complexities and job discontent faced by cybersecurity professionals while the ongoing global skills shortage impacts 71% of organizations

NEWTON, Mass. & VIENNA, Va.--(BUSINESS WIRE)-- Enterprise Strategy Group, a division of TechTarget and Information Systems Security Association announced the publication of its research study titled, “The Life and Times of Cybersecurity Professionals.” The sixth edition of this project (published as an eBook this year) sought to assess the career progression of cybersecurity professionals, determine whether cybersecurity professionals are satisfied with their jobs and careers, measure the impact of the global cybersecurity skills shortage and uncover organizations’ response to it, and monitor the status and performance of cybersecurity leadership. The report reveals that the cybersecurity skills crisis continues in a multi-year freefall that has impacted 71% of organizations and left two-thirds of cybersecurity professionals stating that the job itself has become more difficult over the past two years—while 60% of organizations continue to deflect responsibility.

The report findings include:

A career in cybersecurity is becoming more difficult in an increasingly challenging environment. Nearly two-thirds (66%) of respondents believe that working as a cybersecurity professional has become more difficult over the past 2 years, with close to a third (27%) stating that it is much more difficult. Internal issues like workload complexity, staffing shortages, and budget deficits combined with external issues like the dangerous threat landscape and regulatory compliance challenges have made this profession progressively more difficult. Most (81%) respondents cite the increase in cybersecurity complexity and workload as the reason their careers are more difficult now. Over half (59%) point to the increase in cyberattacks due to an expanding attack surface and 46% state that their cybersecurity team is understaffed. Almost half (43%) agree that both budget pressures and regulatory compliance complexity have increased and present further challenges. Nearly one-in-ten (8%) of cybersecurity professionals have experienced one or several disruptive security events at their organization that have made their work more difficult.
Most cybersecurity professionals aren’t very satisfied with their career choices. Cybersecurity professionals face daily job stress like an overwhelming workload, working with disinterested business managers, falling behind business initiatives, and keeping up with the security needs of new IT projects. Little wonder then why less than half of security pros are very satisfied with their current jobs, and 50% of security pros claim it is very likely, likely, or somewhat likely they leave their current job this year.
The global cybersecurity skills shortage continues unabated. Most organizations (71%) report that they’ve been impacted by the cybersecurity skills shortage—a dramatic increase from 57% in the last study, leading to an increased workload for the cybersecurity team (61%), unfilled open job requisitions (49%), and high burnout among staff (43%), according to respondents. Further, nearly all (95%) respondents state the cybersecurity skills shortage and its associated impacts have not improved over the past few years and 54% (up 10% from 2021) say it has only gotten worse. When asked to identify areas where the security skills shortage is most acute, respondents pointed to application security, cloud security, and security analysis and investigations. A majority of respondents (60%) believe that their organization could be doing more to mitigate the cyber skills shortage, with over one-third (36%) stating that they could be doing much more. Respondents say that their organizations could be taking steps like increasing security professional compensation, providing advanced non-monetary incentives, educating HR professionals and recruiters, and increasing their commitment to cybersecurity training as ways to better address the ongoing skills shortage.
CISOs must lead the charge. When asked to identify the qualities that make CISOs successful, nearly three-quarters (71%) pointed toward leadership or communications skills. CISO effectiveness varies – 31% of respondents claim their CISO is very effective, 40% believe their CISO is effective, and 26% say their CISO is somewhat effective.

Survey respondents were also asked how their organizations could improve their overall cybersecurity programs. The top responses included increasing cybersecurity training for IT and security professionals, striving to improve the organization’s cybersecurity culture, hiring more staff, increasing the cybersecurity budget, and improving basic security hygiene and posture management.

“For a majority of organizations, cybersecurity continues to be treated as a cost center or compliance mandate versus a business enabler or growth driver,” said Candy Alexander, Board President, ISSA International. “Cybersecurity professionals are charged with protecting the organization while being overworked, overstressed, and understaffed. There was a point in time where organizations could get away with doing ‘good enough security,’ but those days are gone. Relentless, AI-fueled cyberattacks and expanding attack surfaces are a sampling of new problems that are going to overwhelm and overrun underinvested cybersecurity programs. Executive management needs to recognize that their business goals are only possible if cybersecurity successfully enables their business to operate in today’s threat environment day after day.”

“Cybersecurity professional jobs grow more challenging, nuanced, and specialized annually,” stated Jon Oltsik, Distinguished Analyst and Fellow, Enterprise Strategy Group. “My hope is that this eBook not only exposes these issues but also provides business leaders with some creative ways to address them. Trends like digital transformation and cloud computing combined with a progressively dangerous threat landscape are adding to the scale and complexity associated with strong cybersecurity. Understanding, supporting, and enabling our security professionals must be recognized as a foundational requirement in an increasingly digital world.”

The Life and Times of Cybersecurity Professionals (Volume 6) is available for free download on the Enterprise Strategy Group website and The Information Systems Security Association website. Enterprise Strategy Group and The Information Systems Security Association believe the data presented in the eBook can help business and IT leaders with personnel management and cybersecurity defenses. The eBook should also help cybersecurity professionals with career management.

About The Information Systems Security Association

The Information Systems Security Association (ISSA)™ is the community of choice for international cyber security professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure. ISSA members and award winners include many of the industry’s notable luminaries and represent a broad range of industries – from communications, education, healthcare, manufacturing, financial and consulting to IT – as well as federal, state and local government departments and agencies. Through regional chapter meetings, conferences, networking events and content, members tap into a wealth of shared knowledge and expertise. Follow us on Twitter at @ISSAINTL.

Click on the link to learn more about ISSA.

About TechTarget’s Enterprise Strategy Group

TechTarget’s Enterprise Strategy Group is an integrated technology analysis, research, and strategy firm providing market intelligence, actionable insight, and go-to-market content services to the global technology community. It is increasingly recognized as one of the world’s leading analyst firms in helping technology vendors make strategic decisions across their go-to-market programs through factual, peer-based research. TechTarget, Inc. (Nasdaq: TTGT) is the global leader in purchase intent-driven marketing and sales services focused on delivering business impact for enterprise technology companies.

Click on the link to learn more about Enterprise Strategy Group.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230906814498/en/

Kesselring CommunicationsLeslie Kesselringleslie@kesscomm.com (503) 358-1012

Source: The Information Systems Security Association

Enhanced Investments, Inc.
329 South Oyster Bay Road #2085
Plainview, NY 11803
team@eninvs.com

Important disclosures

Performance results were prepared by Enhanced Investments, and have not been compiled, reviewed or audited by an independent accountant. Performance estimates are subject to future adjustment and revision. Investors should be aware that a loss of investment is possible. Account holdings are for illustrative purposes only and are not investment recommendations. Additional information, including (i) the calculation methodology; and (ii) a list showing the contribution of each holding to the portfolio’s performance during the time period will be provided upon request.
All statements made via social media sites sponsored or maintained by Enhanced Investments and its affiliates are for informational purposes only and do not constitute a comprehensive description of Enhanced Investments' investment advisory services.
Certain investments are not suitable for all investors. Before investing, consider your investment objectives and applicable fees. The rate of return on investments can vary widely over time, especially for long term investments. Investment losses are possible, including the potential loss of all amounts invested. Information provided by Enhanced Investments is for informational and general educational purposes only and is not investment or financial advice.

Nothing on this website should be considered an offer, solicitation of an offer, or advice to buy or sell securities.
Past performance is no guarantee of future results. Any historical returns, expected returns [or probability projections] are hypothetical in nature and may not reflect actual future performance.
All the strategies assume investments in equity invstrumenta only and are more relevant for "agressive investment profile". Eastern European flagship strategy assumes using up to 20% leverage of total portfolio. GlobalCommodities and US Growth strategy currently assume no leverage.
Results for the Enhanced Investments strategies as compared to the performance of Illustrative Benchmarks is for informational purposes only. Our investment program does not mirror that of the Illustrative Benchmarks and the volatility may be materially different from the volatility of Illustrative Benchmarks. Reference or comparison to an Illustrative Benchmark does not imply that strategies of Enhanced Investments will be constructed in the same way as the Illustrative Benchmark or achieve returns, volatility, or other results similar to those of the Illustrative Benchmark. The S&P 500 is an unmanaged market capitalization-weighted index of 500 common stocks chosen for market size, liquidity, and industry group representation to represent U.S. equity performance.
Performance results were prepared by Enhanced Investments, and have not been compiled, reviewed or audited by an independent accountant. Performance estimates are subject to future adjustment and revision. Investors should be aware that a loss of investment is possible. Account holdings are for illustrative purposes only and are not investment recommendations. Additional information, including (i) the calculation methodology; and (ii) a list showing the contribution of each holding to the portfolio’s performance during the time period will be provided upon request.
All statements made via social media sites sponsored or maintained by Enhanced Investments and its affiliates are for informational purposes only and do not constitute a comprehensive description of Enhanced Investments' investment advisory services.
Certain investments are not suitable for all investors. Before investing, consider your investment objectives and applicable fees. The rate of return on investments can vary widely over time, especially for long term investments. Investment losses are possible, including the potential loss of all amounts invested. Information provided by Enhanced Investments is for informational and general educational purposes only and is not investment or financial advice.