Recessions and the cyber workforce.

ISC2 today shared their “How the Cybersecurity Workforce Will Weather a Recession” report, detailing the anticipated impact of economic hard times and related factors on the cybersecurity workforce as this year unfolds. The study analyzed input from C-Suite executives on their economic concerns.

The cyber labor force.

The research shows that the cybersecurity workforce is highly regarded by executives. 87% of the respondents note that a cut to their cybersecurity teams would mean more risk for the company, so much so that 31% of those surveyed noted cybersecurity to be the least likely department to feel the impact of layoffs. HR, sales, and operations were cited as more likely to be affected in the first round of job cuts, with 44%, 41%, and 40% of respondents citing those departments respectively as likeliest to bear the weight of layoffs. Cyber professionals are also at the top of the list for many executives when it comes to rehiring, with 51% of respondents saying cybersecurity professionals would be a priority to rehire.

Riskier threat landscape and varying geographical perspectives.

The study reports that 81% of respondents expect a rise in cyber threats in 2023. 80% of those surveyed point to a depreciating economy as a cause for cyber threat concern, with an even larger percentage (87%) believing a reduction in cyber employees further raises risk. Geographical location had a surprising correlation with assessment of risk, with 73% of German respondents citing fear of risk after cybersecurity staff cuts, and Singapore and the United Kingdom seeing a greater risk, 96% and 94% respectively. German respondents also were less likely than those from other countries to believe that cyber threats will increase in the coming year, with just 65% expecting an increase, in contrast with over 80% of respondents from other countries seeing a rising threat.

Economic conditions and considerations.

Tthe economy may still be a cruel mistress to some cyber professionals, especially to junior staff members. What do executives cite as the factors they weigh in deciding where to make cuts? “Performance (50%), expertise/skill set (49%), skill redundancy (43%), and diversity/team composition (37%),” are all cited by professionals as higher priority considerations than salary, which was cited by just 30% of respondents. The recession also impacts cybersecurity teams in a different way, with increased automation and higher hourly commitments due to increased demand impacting the industry, cited by 41% and 40% of respondents, respectively. An increase in junior and entry-level staffers and promotion and raise freezes are not impossible either, say 36% and 30% of the surveyed administrators.