As the world was experiencing a global pandemic and people were adjusting to huge changes in their work and home life, a quiet revolution was bubbling away.  

Soon it grew bigger and took over at every level, and now it is known as The Great Resignation. 

What is the “Great Resignation”?   

Essentially, the Great Resignation is a movement that spans all industries, employment types, and age groups. 

It refers to the trend of people taking stock of their lives and reflecting on their work-life set-up. 

For some, it might include a complete career and lifestyle change. A deliberate move to leave a career, retrain in a different career, move house, move location, or leave/start a relationship.  

And for others, it might simply involve a shift in their goals or a sideways move in their job. But everyone has similar driving forces for these changes, namely: 

  • A desire to spend more time with family 
  • An urge to find a more fulfilling job 
  • Wanting more job security 
  • A desire for more flexible hours  

Simply put, the pandemic led many people to rethink their careers, which has created a massive workforce gap for some industries, but a personal win for many individuals.    

How the Great Resignation is being felt in the Cyber Security industry 

Cybersecurity was already facing some talent shortages before the start of the pandemic, in close alignment with the IT industry which has also been affected by the Great resignation. 

The skills gaps are being felt the most in the Mid-Market, where it is an employee market. Data shows those who are skilled are moving into Enterprise. 

According to a 2021 Cybersecurity Workforce study by (ISC)2, the cybersecurity industry is looking to fill 2.72 million positions worldwide. And although the industry has embarked on efforts to improve diversify the workforce, women only make up 27% of the STEM workforce.  

There are also efforts to improve the gender, sexual orientation, and racial diversity or workers in the Cyber Security industry.  

And for good reasons other than just because inclusivity is the right thing to aim for. Bringing people together who have different perspectives and experiences actually benefits both employees and employers alike, with a study from McKinsey showing that companies reporting greater gender, racial and ethnic diversity are more likely to achieve better financial returns, while a Cloverpop study found that the most diverse teams made better decisions 87% of the time. 

And with threats like ransomware on the rise (more than 1,100% in the last 12 months) a lack of qualified personnel only increases the risks to organizations, so cyber leaders must consider this outcome when assessing the Great Resignation.  

The risk for Cyber Security from the Great Resignation   

So, what does the migration of staff mean in real terms? Are there issues for the Cyber Security industry from this movement?  

Well, yes there are some factors to think about when assessing this trend. 

  • Data security “Zero Trust” approach  

Organisations must have a strategy for tackling accidental and malicious data loss from employees not being aware of what they can and can’t take with them when they leave their role. You’ll also need to ensure you have a solid offboarding system including exit interviews to make sure employees aren’t able to access apps, tools and databases well after they’ve quit. 

  • BYOD  

High staff turnover leads to additional cost of training the replacement and getting them up to speed with policies, processes and practices (including Security Awareness Training) which could be exploited.  

  • Stretching of resources  

Beware of an all-around increase in activity with not enough staff to monitor security events, alerts and incidents. As already mentioned, threats like ransomware are on the rise, so resources must be looked at and managed as much as possible.  

Positive outcomes for Cyber Security from the Great Resignation   

But it’s not all bad news and there are many positive elements to the Great Resignation. 

It’s no secret that the cyber security industry suffered from a tremendous talent shortage for years which is why companies should look at this as an opportunity to move forward. 

  1. 1. An opportunity to improve internal processes

Organisations can seek opportunities to improve the internal issues that may be causing valued employees to leave.

  1. 2. An opportunity to hire a range of people and skills 

Organisations can also look to bring more people into the field, via an openness to bring on people who are looking for a career change, or to take on junior hires. It’s also a great time to look at your onboarding training, as a key challenge is the lack of availability for non-technical professionals to gain cyber security training for the first time.  

  1. 3. An opportunity to increase awareness and appeal

 This includes educating and sharing success stories that are inclusive and encourage diversity.

  1. 4. An opportunity to assess staff perks and conditions  

Leaders can look to provide support, growth and a sense of community, with networking opportunities, conferences (i.e. Blackhat, Defcon). If security professionals don’t see a path to evolve their career or to be continuously challenged, they’ll start looking elsewhere.  

  1. 5. An opportunity to watch for burnout

 Organisations can streamline the large volume of tasks that are tedious and detailed by leveraging technologies such as automation, artificial intelligence and machine learning to keep staff focused on tasks that require human intervention.  

How organisations can come out on top during the Great Resignation    

This is actually a time for leaders to take the situation through to positive outcomes. If you can look at this time in history as a turning point for the industry and your organisation, you’ll achieve some serious growth over time. 

Some practical steps you can take right now: 

  • Assess your hiring procedures – ask hiring managers to adjust job requirements to focus on the skills new hires actually need and look to consider a range of talent from career-change individuals to junior hires.  
  • Offer ongoing training and development - empower your staff to make better, smarter, faster cyber decisions with tailored, modular Cyber Security Awareness Programs. If you can give people an opportunity to learn and grow, you’ll find staff are keen to stay and grow from within. 
  • Revisit your employee benefits program – what creative benefits can you offer? These might include Employee Assistance programs, flexible hours, hybrid working arrangements, or regular team events. 

After all, if you can offer flexibility, leadership, learning & development, and ongoing benefits such as competitive pay, why would people need to leave?  

Don't leave gaps in your Cyber Security, get in touch with our friendly team today to keep your business, data, systems, network and users secure.



If you liked this article, you may also like:

Cyber Security Operations: it's not not about the tools alone

How cyber security impacts your SEO strategy

The challenges of running a modern day SOC


Taylor Cheetham

Campaign Manager