CISOs Struggling with Burnout May Find Relief Inside Their Own Companies

Source: iStockPhoto

By Rene Kolga

How difficult is the CISO’s job (and, for that matter, the jobs of all IT security pros)? The headline of this recent article by ZDNet’s Catalin Cimpanu says it all: “Average tenure of a CISO is just 26 months due to high stress and burnout”

That’s the key finding of Nominet’s recent survey of CISOs around the world. They are weary from their daily battles against incoming cyber attacks, exhausted from working long hours (almost all work beyond their contracted hours, by an average of 10 hours per week), and afraid they’ll be fired in the event of a data breach, even if they’re not responsible. 

The global shortage of skilled personnel to fill job openings at all levels – from entry to senior levels – is one of the primary causes of these stress factors. And that’s not going to change anytime soon. Sead Fadilpašić at ITProPortal reports that CISOs around the world expect the global cybersecurity talent shortage to worsen in the next five years. 

But for many CISOs, help may be closer than they realize — maybe even sitting right down the hall from their offices.

Turn Your Recruiting Efforts Inwards

Our whitepaper “What You Can Do Right Now to Solve the Industry’s Cyber Skills Shortage” provides CISOs with several recommendations for how to fill their immediate job openings and build a pipeline of qualified candidates. One is to expand the search for candidates to include current employees. 

Training an experienced IT professional already working in another department to make the transition to a cybersecurity role is often much quicker and more cost effective than recruiting, hiring and training a new employee. And a recent article provides a real-world case study as proof that this strategy works.

In her article entitled “12 most difficult IT jobs for employers to fill”, Sharon Florentine examines how NTT Data Services is looking inward for candidates for open positions across the IT department, including cybersecurity. The company has launched a pilot program that encourages employees to discover opportunities across the company and nominate themselves for those roles. 

“Security is unbelievably challenging for global companies because of the complexities and varying rules and regulations,” said NTT Data Services CIO Barry Shurkey. “(Employees) will be able to see how well their skills and experience align with the requirements of each position, get courseware and reading recommendations to close skill gaps, and monitor the status of [their] self-nomination. We believe this ‘free agency’ for employees will help us fill those gaps.”

There is no quick fix to the years-long shortage of skilled cybersecurity pros. But there are several steps organizations across all industries can take to expand their pools of well-qualified candidates.

To learn more, follow this link to download the Nyotron whitepaper, “What You Can Do Right Now to Solve the Industry’s Cyber Skills Shortage”.