As cyber-attacks continue unabated, the global population depends upon cybersecurity professionals to protect them from a global army of state-sponsored actors, cyber-criminals, hacktivists, and script kiddies alike. Unfortunately, cybersecurity teams are often understaffed, lacking advanced skills, and working in an environment of constant pressure. To gain further insight into these trends, TechTarget’s Enterprise Strategy Group and the Information Systems Security Association (ISSA) surveyed 301 IT and cybersecurity professionals at organizations all over the world.
This study sought to answer the following questions:
- Why has working as a cybersecurity professional become more difficult today than it was two years ago?
- How satisfied are cybersecurity professionals at their current jobs? What are the biggest factors for determining their level of job satisfaction?
- How likely are cybersecurity professionals to leave their current job in 2023 for any reason, including retirement, career change, and leaving for another cybersecurity job?
- How do cybersecurity professionals characterize the stress level typically associated with their careers?
- What are the most stressful aspects of jobs/careers as a cybersecurity professional?
- What actions do cybersecurity professionals believe would be the most helpful for the advancement of their careers?
- How would cybersecurity professionals characterize the cybersecurity culture at their organization?
- At any time in their career, have cybersecurity professionals experienced a situation in which the organization they worked for was knowingly ignoring security best practices and/or regulatory compliance requirements? If put in that situation, would these cybersecurity professionals be willing to act as whistleblowers?
- How has the global cybersecurity skills shortage impacted cybersecurity professionals’ organizations? How do they think that has changed over the last two years?
- What actions do cybersecurity professionals believe could be taken to address the impact of the cybersecurity skills shortage?
- How difficult is it for organizations to recruit and hire cybersecurity professionals?
- Do organizations have a chief information security officer (CISO), or similar position, in place today? To whom does the CISO report? What do cybersecurity professionals believe is the most important quality of a successful CISO?
- Do cybersecurity professionals think their organization’s CISO’s level of participation with executive management and the board of directors is adequate?
- How would cybersecurity professionals characterize the working relationships between their organization’s cybersecurity and IT departments and between cybersecurity and lines-of-business groups?
- Which actions do cybersecurity professionals believe their organization could take to improve cybersecurity programs?
Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.