Woburn, MA — December 8, 2021 —According to a recent Kaspersky study, there is a positive trend in how organizations respond to cybersecurity breaches from an HR perspective. In 2021, almost half as many organizations laid off senior IT staff (7% in 2021, compared to 12% in 2018) and senior IT security roles (8% compared to 14% in 2018) if a serious incident occurs. Amid a challenging cybersecurity environment and growing IT complexity, the demand for IT and cybersecurity specialists remains high.
According to the Gartner 2020 Board of Directors Survey, by 2025, 40% of boards will have a dedicated cybersecurity committee overseen by a qualified director. While cybersecurity risks become the second most critical source of risks for enterprises, behind only regulatory compliance risk, the role and responsibilities of IT security executives are crucial. Further, with a continuing skills gap in the market, it should be important for organizations to save experts in their positions.
Kaspersky’s IT Security Economics report reveals that fewer enterprises now fire employees because of data breaches. In 2018, it was a more common measure (31%) in response to data breaches, compared to 21% in 2021.
The split of employees that could lose their job as a result of a cybersecurity breach has also changed. In addition to senior IT and IT security roles, C-level executives are now half as likely to be exposed to dismissals too now at 4% in 2021 compared to 7% in 2018. The decreasing trend is also relevant for non-IT senior staff. As a result, the overall split across IT and non-IT, senior and non-senior roles, became flatter than a few years ago.
The demand for retaining and nurturing expertise is seen, for example, in budget planning. 38% of enterprises report the need to improve the level of specialist security expertise as the top reason to increase their IT security budget. In fact, this is the second most common reason, followed only by increased complexity of IT infrastructure (47%). Furthermore, by investing in internal specialists, employers are interested in retaining their knowledge within the company so that employees could leverage their skills in future.
“The transfer to remote work and processes has put increased pressure on the information security sector,” comments Evgeniya Naumova, executive vice president of corporate business at Kaspersky. ”With cybersecurity jobs in such high demand and skilled professionals in low supply, companies are realizing the value of senior security executives and the need to plug the talent gap.”
“As digital transformation intensifies, not only does the need for well-trained professionals grow, but the management's awareness of cybersecurity. Incidents cannot be completely ruled out. The highest possible level of cybersecurity depends on an adequate strategy, represented by IT security experts. We therefore very much welcome positive trends regarding the appreciation of specialized staff,” says Sebastian Artz, head of cyber and information security at Bitkom e.V., Germany´s digital association.
Companies that face the lack of internal expertise can use the following tips to raise the level of their cyber defense:
To read more insights about cybersecurity management, budgets and recent incident response trend from the report ‘IT Security Economics 2021: Managing the trend of growing IT complexity’ please visit the link.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.