“Burnout is a real concern, not only for security professionals, but for all IT-related talent. Given that enterprises are asking more than ever from their existing technology teams, IT leaders also need to be hyperaware of the need to retain those professionals.”
Christopher M. Steffen, Research Director at Enterprise Management Associates
I’m in countless advisory meetings where the discussion turns to “How do I retain my security staff?” Then the follow-on question, “I’m in need of more security professionals and I can’t hire fast enough. How do we solve the skills gaps and talent shortages we’re facing?”
Which leads to my serious response “Check out Netenrich solutions to modernize your digital operations. We can help.” Soft sales plug aside, the problems are real and focus on the most important factor, your people.
As a security leader and practioner for too many years to count, my concern focuses on frontline IT and security professionals toiling day in and day out, fighting the daily fires with no end at sight. I’ve seen too many instances of job burn-out and high-levels of stress and anxiety among workers – exasperated by IT pressures and remote work demands.
This year’s major ransomware attacks, Solar Winds, Colonial Pipeline and JBS, hit close to home for everyone. More fires to fight. More stress. Less budget and resources on hand to do the job well and resolve issues quickly.
As a security community, we need to prioritize on the care and health of our infosec teams. We’re talking about their mental, physical and emotional well-being. Recent reports cite the following stats which I’m not surprised to hear:
Job burnout also leads to a sense of complacency and lack of motivation. Both are not good for security nor for the business. Lackadaisical and sloppy practices set up weaknesses across your security operations. It may also create work cultures filled with finger pointing, disagreements and bullying types of behaviors where innovation and collaboration disappear.
“It’s more than monetary incentives or time off to retain IT and security professionals.
Ironically, most security professionals I know would much prefer to have additional help, reduced workloads, and less bureaucratic red tape than additional dollars or title promotions.”
Christopher M. Steffen
So in my learnings of managing teams, here are some ways to empathize and care for your valuable professionals. It’s time to invest in your people and provide the resources they need to thrive. Their health, their frame of mind and motivation to work is in everyone’s best interests.
Cybersecurity Awareness Month, #BeCyberSmart