Cybersecurity teams shielded from staff cuts coming in 2023

A majority of C-level executives believe layoffs may be necessary in 2023, but just one in 10 think this will lead to reductions in cybersecurity teams

Cybersecurity professionals are unlikely to lose their jobs in 2023 due to global economic uncertainty, according to new research, which suggests business leaders fear the risks of letting security slip.

The study - How the Cybersecurity Workforce Will Weather a Recession, conducted by the nonprofit cybersecurity association (ISC)² - found despite looming recession concerns, cybersecurity teams will be least impacted by staffing cuts in 2023. 

The research, which polled 1,000 C-suite executives in December 2022 across Germany, Japan, Singapore, the United Kingdom and the United States, highlights how C-suite executives view cybersecurity as an essential, valuable asset that is a strategic priority.

A total of 85% of respondents expect layoffs will be necessary at their organisations, but cybersecurity roles are expected to be the least affected by staff reductions, but only 10% of organisations are likely to cut jobs in cybersecurity compared to other business areas, such as human resources (30%), finance (24%), operations (24%), marketing (22%) and sales (22%). This is because 87% of respondents believe that a reduction in cybersecurity staff will lead to greater risks against cyberattacks, say researchers.

"The importance placed on cybersecurity professionals, even during uncertain economic times, suggests that top executives understand the critical need for a strong cybersecurity team now more than ever," says Clar Rosso, CEO, (ISC)². "This is not surprising given the upward trend in recent years where a weakening economy combined with political tensions has led to increased cyber threats. A key test for executives in 2023 will be their ability to sustain their commitment toward strengthening their organisations' resilience against evolving cyberthreats amid emerging budgetary pressures."

Underscoring the importance they place on their cybersecurity teams, half of participating executives said cybersecurity staff would be prioritised for hiring or rehiring if layoffs were necessary. 

Technology is another priority (49%), with research and development (R&D) not far behind (41%). Lower on the rehiring priority list are marketing (35%), finance (34%), operations (31%), sales (30%) and HR (29%).

The report also found:

  • 80% of participants believe a weakening economy will increase cyber threats
  • 87% of participants say reductions in their cybersecurity teams would increase the risk for their organisations
  • 31% of respondents cited cybersecurity as the least likely to be impacted in a first round of layoffs
  • 74% of respondents are open to recruiting cybersecurity talent laid off elsewhere to bolster their own teams
  • 90% of participants said they increased cybersecurity hiring in the last two to three years
  • Salary was the least important factor when determining which staff would be impacted by layoffs compared to other factors such as performance and expertise/skill set
  • Cybersecurity professionals may face increased automation adoption, longer hours, more junior staff hiring and salary freezes due to economic conditions

Featured Articles

Gartner unveils top cybersecurity predictions for 2023-2024

Half of CISOs will formally adopt human-centric design practices into their cybersecurity programmes, while adoption of zero trust architecture will rise

DDoS protection market to grow amid increase in attacks

According to research by Cloudflare, DDoS attacks increased by 109% last year, with the last 12 months seeing some of the largest attacks the world

The impact data poisoning has on cyber and AI

We take a look at why the risks of data and AI poisoning is continuing to wreak havoc on the cybersecurity industry

Five innovative ways AI can help prevent cyber attacks

Cyber Security

SailPoint delivers new non-employee risk management solution

Cyber Security

Akamai shares details of Asia’s record-breaking DDoS attack

Network Security