Layoffs are imminent at organizations of all types and widely viewed as a necessity as economic difficulty looms, but cybersecurity professionals will be the least impacted, according to (ISC)2.
Only 1 in 10 executives anticipate job cuts to cybersecurity teams this year, according to a survey released Thursday by the non-profit cybersecurity training and certification organization.
“This is probably the most elevated importance that’s been placed on cybersecurity that we’ve ever seen,” (ISC)2 CEO Clar Rosso said.
Professionals in HR, finance, operations, sales, marketing, IT and research and development are all expected to face steeper job cuts this year, the survey found. HR, operations and finance teams were tapped as the most likely to be impacted by layoffs.
A series of high-profile and damaging cyberattacks has underscored the critical role cybersecurity teams play, and top brass is taking notice, according to (ISC)2.
“I believe that reflects in part the value they put on the strategic importance of information systems security within their organization,” Rosso said.
Nearly 9 in 10 respondents said reductions in cybersecurity staff would increase risk, the survey Found. But 4 in 5 expect threats to rise in 2023 regardless of staffing levels.
When organizations eliminate cybersecurity positions, they are often slower to assess and manage the threat landscape and patch critical systems, according to Rosso. Smaller teams are more likely to make errors in process and procedures, which can create vulnerabilities in their system.
“Those are also tied very directly to the reasons that organizations have cyber incidents and they have data breaches,” Rosso said.
The vast majority of respondents, 9 in 10, said their organizations have increased cybersecurity hiring since 2020, and about half said cybersecurity professionals would be prioritized for hiring when the economy improves.
(ISC)2 surveyed 1,000 C-suite executives in the U.S., U.K., Japan, Germany and Singapore in December 2022. The organization purposefully excluded CIOs and CISOs from the survey to gain perspective from individuals most responsible for headcount.
Respondents represented organizations in IT services, manufacturing, retail, finance, software, healthcare, construction and telecommunications.
The view into how the cybersecurity workforce will weather economic difficulties leaned heavily on a widely anticipated recession, but data pointing to a recession remains mixed.
“We’ve had people whispering recession in our ear for a couple of years now,” Rosso said. “Recession? Not sure. A lot of economic uncertainty and maybe some global instability? You can’t argue against that.”
(ISC)2 hasn’t heard about significant layoffs impacting cybersecurity professionals and notes hiring remains robust.
At least three cybersecurity firms — Sophos, Okta and SecureWorks — announced staff cuts so far this year, and some cybersecurity staff at the world’s biggest tech companies have been impacted by massive layoffs.
“This is my invitation to all those tech workers who’ve been laid off. Come on over. We’ve got jobs for you in cybersecurity,” Rosso said. “Historically the individuals who are best suited to move into cybersecurity come from IT backgrounds and we have millions of jobs, so come on over.”
