Gartner Predicts 1 in 4 Cybersecurity Leaders Will Leave the Field by 2025
A new forecast from research firm Gartner estimates that nearly half of all cybersecurity leaders will change jobs by 2025. And 25% will move to non-security roles due to multiple work-related stressors.
"Cybersecurity professionals are facing unsustainable levels of stress," explained Deepti Gopal, director analyst at Gartner, in a statement. "CISOs are on the defense, with the only possible outcomes that they don't get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cybersecurity leaders and their teams."
Gartner points to organizational culture and under-prioritization of security risk management as culprits behind the predicted cybersecurity talent churn. "Gartner research shows that compliance-centric cybersecurity programs, low executive support and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success," the research firm said. "Organizations of this type are likely to experience higher attrition as talent leaves for roles where their impact is felt and valued."
"Burnout and voluntary attrition are outcomes of poor organizational culture," added Gopal. "While eliminating stress is an unrealistic goal, people can manage incredibly challenging and stressful jobs in cultures where they're supported."
Gartner also noted:
-
By 2025, half of major data security incidents will be the result of lack of talent or human failure;
- 69% of employees have bypassed their organization's cybersecurity guidance in the past year, according to a recent Gartner survey;
- 74% of employees in the same survey said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business objective; and
-
Also by 2025, half of medium and large enterprises will adopt an insider risk management program, up from 10% now.
The full forecast is available to Gartner clients at gartner.com.