Information Security Trends

'Unsustainable Levels of Stress' Will Push IT Security Leaders into New Roles

• By David Nagel
• 03/02/23

Within two years, half of information security professionals across all sectors will leave their current positions, and half of those will find themselves in completely different roles.

According to a new forecast from IT market research firm Gartner, this churn will be caused by multiple stressors and will create "a significant threat for security teams."

Among those stressors: poor organizational culture. According to Gartner: "Gartner research shows that compliance-centric cybersecurity programs, low executive support, and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success. Organizations of this type are likely to experience higher attrition as talent leaves for roles where their impact is felt and valued."

"Cybersecurity professionals are facing unsustainable levels of stress," said Deepti Gopal, director analyst at Gartner, in a prepared statement. "CISOs are on the defense, with the only possible outcomes that they don’t get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cybersecurity leaders and their teams."

Gartner also noted:

• By 2025, half of major data security incidents will be the result of lack of talent or human failure;

• Also by 2025, half of medium and large enterprises will adopt an insider risk management program, up from 10% now.

"Burnout and voluntary attrition are outcomes of poor organizational culture," said Gopal. "While eliminating stress is an unrealistic goal, people can manage incredibly challenging and stressful jobs in cultures where they’re supported."

The forecast can be accessed by Gartner clients at gartner.com.