Solving Cybersecurity Staff Churn

Staff churn is a huge issue for the cybersecurity industry. Frustrations are building among security teams as they face increasing cyberattacks, scrutiny from stakeholders and data overwhelm. This is made worse when paired with the cybersecurity skills shortage of around 3.5 million unfilled positions worldwide.

In this environment, it’s vital organizations find ways to retain their security staff for both the benefit of their teams’ well-being and their security posture. Automation, optimization and knowing what to measure all play a significant role in doing so.

What’s Driving Staff Churn?

A recent survey from Panaseer found that an enterprise’s security limitations have a significant human impact, with ‘burnout’ cited alongside ‘data and tooling frustration’ as key drivers influencing resignations. The survey also found that these frustrations are caused primarily by a lack of visibility and understanding of security posture. In fact, the inability to continuously measure enterprise-wide security posture and identify control failures ranks top, frustrating over 70% of those surveyed and rising to 76% among C-suite security leaders.

The reality is, according to Microsoft, 98% of attacks can be protected against with basic cybersecurity hygiene. Yet data breaches are still a major issue, and the failure of expected controls is to blame. It’s therefore no wonder that frustrations with tooling and data are the main factors driving resignations – and these are even greater influences than salary.

For unsatisfied security staff operating in such a competitive industry, it is hardly surprising many are tempted to make the move to a new organization with better processes and procedures in place.

Why Does it Matter?

Research into the issue of staff churn found that the biggest concern for security leaders is the loss of ‘tribal knowledge,’ which weakens security posture and hinders internal best practices. Tribal knowledge–the unique intelligence bespoke to a small group–carries significant value when processes are undocumented or incomplete, highlighting the heavy reliance and pressure placed on individual security professionals to hold together their organization’s cybersecurity.

Other concerns among security leaders include the potential for increased risk of insider threats and time wasted hiring and retraining rather than progressing cybersecurity objectives. Therefore, it seems change is needed. Security leaders and their teams cannot continue as they are with staff well-being compromised and an organization’s security posture weakened as a result.

Turning to Automation

Security leaders need to address frustrations at the source. Increasing automation, particularly for reporting and analyzing complex security data, is one way of doing this. The average security team now spends almost 60% of its time on manual reporting, keeping professionals from higher-value cybersecurity tasks (e.g. threat detection and vulnerability patching) and limiting their opportunities to develop security skills. Introducing automation would help address the root of these issues by eliminating low-value and time-intensive manual tasks.

What’s more, organizations that are increasing their focus on automation are better positioned to manage their security posture. For example, when reports are compiled manually, they are both prone to human error and inefficient to manage, making it even more challenging to optimize security and prevent breaches.

As part of this, teams need to look to automate the aggregation and correlation of data from all security, business and IT tools. In doing so, they can more easily identify where there may be gaps in coverage and have the time available to bridge these gaps and eliminate the potential for security control failures.

Optimizing the Security Stack

There is also a tendency for teams to assume the key to a stronger security posture is investing in more tools. In reality, large enterprises likely already have all the tools they need. Adding more only serves to boost complexity and data, increasing the burden on security staff as a result. Instead, security leaders and teams need to optimize their existing security stack.

They need two things to do this: better knowledge of what’s happening across their digital infrastructure and an in-depth understanding of what they should be measuring. The former should involve continuously measuring the effectiveness of their tools and gaining data intelligence on protection gaps through a single consolidated platform.

The latter continues to prove difficult to achieve – almost 50% of IT and security leaders say they don’t know the right security metrics to monitor. However, getting guidance from the experts and sharing insight and best practices with other leaders across the cybersecurity community can help change this. By having more open and transparent conversations through knowledge-sharing platforms, security professionals can benefit from the experience of others and be better positioned to know what to measure and how to most effectively manage their security posture as a result.

Looking Ahead

While the issue of staff churn won’t change overnight, the good news is that solutions are out there that can help lessen the frustrations of security professionals and reduce the factors that are driving resignations. Focusing on automating time-consuming and tedious processes (like manual reports) and optimizing existing tools to reduce complexity are key to rooting out security workforce frustrations.

And in relieving some of the pressure on their cybersecurity teams, organizations can improve their security posture and reduce risk in a complex threat landscape.

Mark Ashworth

Mark is the Information Security Manager at Panaseer. He has over 20 years’ experience in IT and Information Security and has worked in both enterprise and startup companies. He started his career on a Service Desk and worked through a few roles in IT before moving into Information Security. Mark has a passion for music and film and in his spare time works as a sound designer and composer in film.
