Forrester has released its Predictions 2022: Cybersecurity, Risk, and Privacy report revealing an important aspect of security professionals quitting their jobs. The report claims that one in 10 experienced security professionals will exit the industry. Per 2021 data, more than half (51%) of cybersecurity executives faced extreme stress or burnout, and another 65% wanted to quit their jobs due to extreme stress levels.

The Big Quit

A widely prevalent trend of 2021, the "Great Resignation", is posing to be a big challenge to businesses in maintaining continuity and their workforce. It is also heavily impacting the security and privacy of the company, exposing it to increased risk.

The Great Resignation, also known as the Big Quit, is the ongoing trend around the world,  where employees voluntarily quit their jobs, from spring 2021 to the present, in response to the COVID-19 pandemic. Some economists described the Great Resignation as a general strike.

Third parties involved

60% of security incidents will involve third parties: With cyberattacks targeting smaller vendors and suppliers, third-party incidents will increase, and SolarWinds-style headlines will plague firms that don’t invest in the pillars of risk management — people, process, and technology.

Supply chain attack

In today’s evolving digital world, a supply chain attack is not a new threat. In fact, 80% of retail data breaches are due to supply chain attacks. Today, a growing number of hackers are adopting sophisticated tools and techniques to attack a company’s supply chain management and wreak havoc in business operations. These attacks can be devastating and may at times have an irreversible impact on the business.

Cyber insurance

One-fifth of firms will embed cyber insurance policies in third-party contracts: Before signing new and renewing existing suppliers, organizations will demand policies embedded in their contracts, stipulating that the partner assumes the risk of an intruder jumping from the partners to the organization’s environment. Smaller policies reduce exposure for cyber insurers, while also reducing the policyholder’s risk of working with new and existing suppliers with varying cybersecurity postures.

A vicious circle

As organizations grapple with security breaches, the mass exodus of IT workforce is only exacerbating the security problem. Human resource is an asset that is as critical as any digital asset. It is an organization’s most valuable asset. Stability and growth depend on human capital, which is why an excellent administration of these resources is required. All breaches in some way or the other are related to human errors and vulnerabilities.

The case in hand is the Facebook outage, where supposedly a human error - faulty configuration changes made to Facebook routers - caused the entire network to shut down, restricting all access to both digital and physical to the systems and data center. When IT experts leave, they take with them a wealth of insider privileged information, which, if misused, can cause serious implications on the working of an organization and, if they turn hostile, many imposters waiting to recruit.

Sources: CISOMAG, Harvard Business Review