3 Keys to Retaining Cybersecurity Talent

August 2, 2022 | By IANS Faculty

For the last few years, organizations off all sizes have struggled to retain top security talent. In addition to the headcount required to keep pace with an ever-expanding threat landscape, security leaders also face a post-pandemic labor market wrought with volatility and unpredictability they have not seen or experienced before. As an example, swarths of young professionals are willing to quit their jobs and not work for a period of time with a belief that the talent market is so hot and supply is so scarce that they can re-enter the job market at-will. 

In fact, the Department of Labor reported that in 2021, over 4.5 million workers left their jobs, which is 1 million more than the year prior. But unlike many previous seasons of turnover, employees are not just seeking higher pay; they cited remote workability, feeling valued and company culture as motivators to find new opportunities. 

This piece provides recommendations for security leaders to help keep staff engaged and on the payroll with on-going best practices. 

Trends Fueling Cybersecurity Talent Turnover 

The profile of employees seeking new job opportunities has shifted. Where the majority of turnover was previously seen in the junior workforce, “the Great Resignation” as it has been coined, is due to the attrition of midcareer professionals between the ages of 30 and 45. Turnover is highest across the medical and technology industries—both significantly impacted by the pandemic. One could argue these two groups acquired increased workloads and higher stresses than other functions and industries, and the resulting stress and burnout, ultimately, fueled record-high resignations. Below are some tips to combat increased security staff turnover with guidance on how to retain top cybersecurity talent.

How to Retain Cybersecurity Talent   

Make Talent Retention a Business Priority 

When employees leave, the work does not, which exponentially increases the importance of retained employees and their experience. Not only should employers engage the teams seeing high turnover, but they should be proactive and engage all teams across the organization. 

Provide Ample Opportunities for Feedback 

Assess the communication loop and determine how often employees are asked to provide feedback on their experience. Most companies distribute annual surveys enterprise-wide, but as the talent market is shifting, increased engagement with employees is critical now more than ever. Key engagement options include: 

  • Traditional channels: Traditional ways to amplify the voice of your employees include townhalls, roundtables, skip-level meetings and other channels for upward feedback. 
  • Incentives: Many companies are deploying incentives as a strategy, but to be successful, the rewards must align with corporate culture and what employees value. For example, show employees: 
    • Work-life balance is valued: Consider offering options like unlimited personal time off (PTO), no-meeting Fridays, Summer Fridays (where everyone leaves two hours early), remote workability or a full day off for community service. 
    • Performance is valued and appreciated: Consider offering stock rewards for high performers, “spot” cash bonuses, promotions with increased workloads and responsibilities, or allowing staffers to attend (and even present in) meetings they would likely not be part of (e.g., board meetings, executive leadership meetings, etc.). 
    • Input and growth are valued: Consider having staffers be part of interview panels and influence hiring decisions or offer them stretch assignments and career development programs. 
  • Stay interviews: This is a new trend popular among innovative leaders. Instead of engaging employees about their decision to leave during exit interviews, “stay interviews” flip the script and allow leaders and talent managers to establish rapport with teams and individuals about what they like about the organization, why they stay, and which areas present challenges and opportunities. This is a great way to be proactive about employee experience and provide leadership with insight that may have previously been a blind spot. 

For example, security teams often feel isolated from the business. They are seen as disruptors to the normal workflow and are not asked to engage in the business activities and initiatives they support. Many times, security leaders aren’t aware of the consistent pushback tactical security personnel face and don’t account for these challenges in their strategic priorities. 

Budget is also a huge issue that often gets uncovered, especially for security teams. Many teams are understaffed or overworked because they don’t have the appropriate tools and tech to support the priorities. This is a HUGE downer on staff experience. 

As you identify trends, hold executive leadership accountable to deploying solutions that are feasible, reasonable and relevant to employee concerns and challenges.  


READ:  Guidance for CISOs Presenting to the C-Suite   


Focus on Company Culture 

Company culture is how companies get things done, and it’s an important part of customer and employee experiences. Ideally, culture is reflected in and connected to the company’s mission and vision, and it’s a valued part of how people work, behaviors are rewarded and decisions are made. A significant influencer of culture is the tone at the top. Assess how committed your leadership team is to living your company’s values. 

At Amazon, leaders are encouraged to use the company’s core principles as part of all decision-making activities—both operational and people-related. Many other organizations have values that are known in theory, but not executed in practice. 

Now more than ever, employees are seeking to connect with organizations that have values and principles that mirror their own. Tone is set at the top, and leaders should use culture as a “North Star” that all employees, teams and leaders should be aiming for to drive consistency and morale, as well as create community. 


DOWNLOAD: Building a More Diverse InfoSec Team 


Tips to Retain Cybersecurity Talent   

Hiring and retaining great security talent is possible. Here are a few strategies successful leaders have used to proactively reduce attrition: 

  • Conduct stay interviews to assess the needs of your workforce: Understanding the root cause of employee turnover is the most critical part of this exercise, because everything else rests on it. Increase the lines of communication and ask employees what they like most about their job, what they like least, what their goals are and what their managers can do more of or less of to support their work experience. 
  • Enhance company culture: Assess the current state of your company’s culture and determine how it influences employee experience. Seek ways to drive culture from the top down and incorporate culture into decision-making to improve operational performance and engagement. 
  • Don’t forget about the work: Remaining employees are challenged with increased workloads amid high turnover. Acknowledge this in word and, more importantly, action. Encourage innovation to drive efficiency and provide opportunities for your workforce to challenge traditional processes and procedures. Showcase growth as more than promotions, and encourage information sharing and incorporation of passions to drive increased engagement and improved individual and team performance. 

Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice. 


Access time-saving tools and helpful guides from our Faculty.


IANS + Artico Search

2022 CISO Compensation Benchmark Study

Get New IANS Blog Content
Delivered to Your Inbox

Please provide a business email.