Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and ManagementCybersecurity News

Research Reveals Cybersecurity Profession at Risk

cyber5-900px.jpg
October 9, 2016

A study has revealed that nearly two-thirds (65%) of cybersecurity professionals struggle to define their career paths.

The study by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG) found two big “red flags”: The majority of cybersecurity professionals aren’t receiving the right level of skills development to address the rapidly evolving threat landscape. And the skills shortage has created a job market that represents an existential threat, adding job-related stress to cybersecurity personnel while making it harder for organizations to protect critical IT assets.

When it comes to the CISO, the research found that he or she succeeds or fails based upon leadership skills and face time with executive management and the board of directors. Also of concern is that cybersecurity relationships with business and IT groups need work.

“This research paints an escalating and dangerous game of cybersecurity ‘cat and mouse’ and today’s cybersecurity professionals reside on the front line of this perpetual battle, often knowing they are undermanned, underskilled and undersupported for the fight,” said Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group (ESG).

Based upon the data collected, “The State of Cyber Security Professional Careers (Part I): An Annual Research Project (Part I)” conclusions include:

  • Nearly two-thirds (65%) of respondents do not have a clearly-defined career path or plan to take their careers to the next level: This is likely due to the diversity of cybersecurity focus areas, the lack of a well-defined professional career development standard and map, and the rapid changes in the cyber security field itself.
  • Continuous cyber security training is lacking: When asked if their current employer provides the cybersecurity team with the right level of training to keep up with business and IT risk, more than half (56%) of survey respondents answered “no,” suggesting that their organizations needed to provide more or significantly more training for the cybersecurity staff.
  • Cyber security certifications are a mixed bag: Over half (56%) of survey respondents had received a CISSP and felt it was a valuable certification for getting a job and gaining useful cyber security knowledge. Other than the CISSP certification however, cybersecurity professionals appear lukewarm on other types of industry certifications. Based upon this data, it appears that security certifications should be encouraged for specific roles and responsibilities, but downplayed as part of a cybersecurity professional’s overall career and skills development.
  • Cybersecurity professionals are in extremely high demand. Forty-six percent (46%) of cybersecurity professionals are solicited to consider other cybersecurity jobs (i.e. at other organizations) at least once per week. In other words, cybersecurity skills are a “sellers’ market” where experienced professionals can easily find lucrative offers to leave one employer for another. This risk is especially high in lower paying industries like academia, health care, public sector, and retail.
  • Many CISOs are not getting enough face time in the boardroom, a significant contributing factor to CISO turnover. While industry rhetoric claims that “cyber security is a boardroom issue,” 44% of respondents believe that CISO participation with executive management is not at the right level today and should increase somewhat or significantly in the future. Alarmingly, this perspective is more common with more experienced cybersecurity managers (who should be working with the business) than cybersecurity staff members. When asked why CISOs tend to seek new jobs after a few short years, cybersecurity professionals responded that CISOs tend to move on when their organizations lack a serious cybersecurity culture (31%), when CISOs are not active participants with executives (30%), and when CISOs are offered higher compensation elsewhere (27%).
  • Internal relationships need work. While many organizations consider the relationship between cyber security, business, and IT teams to be good, it is concerning that 20% of cybersecurity professionals say the relationship between cybersecurity and IT is fair or poor (surprising given that 78% of cybersecurity professionals got their start in IT) and 27% of survey respondents claim the relationship between cybersecurity and the business is fair or poor. The biggest cybersecurity/IT relationship issue selected relates to prioritizing tasks between the two groups while the biggest cybersecurity/business relationship challenge is aligning goals.

“These conclusions point to the need for business, IT, and cybersecurity managers, academics, and public policy leaders to take note of today’s cybersecurity career morass and develop and promote more formal cybersecurity guidelines and frameworks that can guide cyber security professionals in their career development,” said Candy Alexander, CISO, ISSA Cyber Security Career Lifecycle (CSCL) Chair. “Independent organizations such as the ISSA with its Cyber Security Career Lifecycle (CSCL) are taking the lead on such initiatives. This research data will help the ISSA strengthen its groundbreaking program.”

The report also lays out the “Top 5 Research Implications for Cyber Security Professionals” as a guideline for taking control of the cyber security career lifecycle. Similarly, it lays out the “Top 5 Research Implications for Employers” to help businesses, non-profits, and government agencies appeal to cybersecurity professionals at large.

Added Oltsik, “In spite of these issues however, it is encouraging that 79% of survey respondents strongly agree or agree that they are happy as a cybersecurity professional. Together with a moral imperative that attracts people to the cybersecurity profession, this data point speaks volumes about cybersecurity professionals who are willing to passionately fight the good fight regardless of their personal situations.”

http://www.issa.org/?page=issaesg_survey

KEYWORDS: CISO cyber security cyber threats

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber 3 responsive default

    Survey Reveals Challenges Facing Cybersecurity Profession

    See More
  • university 1 feat

    Research Says Nation's Top Colleges and Universities are at High Risk for Security Breaches

    See More
  • Security newswire default

    New Report Reveals How Accidental Insider Threats Put Organizations at Real Risk

    See More

Related Products

See More Products
  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing