author photo
By Cam Sivesind
Thu | Dec 8, 2022 | 3:37 AM PST

We hear it all the time: there are not enough people to fill all the cybersecurity roles (including CISOs) that are currently available, not to mention the openings expected in the coming months and years.

Yet, CISOs are bailing out of their positions at an alarming rate to go do something, anything else, that is less stressful and a lot less taxing.

This post highlights that "in the span of eight days last month [October], there were several reports of state CISOs resigning, including Oklahoma, Georgia, Pennsylvania, and North Dakota," and the author, a CISO himself, waxes as to why CISOs are resigning.

"During times of exploration, CISOs may discover new interests and passions that lead them to pursue roles outside of cybersecurity," Dave Stapleton writes. "The increasing number of 'Chief Trust Officer' positions filled by former CISOs illustrates how the experiences of a CISO can lead to other careers. Being a CISO sometimes serves as the catalyst to finding a new career path."

Another post says: "32% of CISOs or IT Security DMs in the UK and US are considering leaving their current organization, according to a research from BlackFog. Of those considering leaving their current role, a third of those would do so within the next six months."

The CEO of BlackFog is quoted in the post as saying, "Adapting to a fast-changing landscape is key, however, and organizations need to ensure that their security teams are given the time and resources to devote to keeping pace with the latest thinking, frameworks and innovations designed to lower their cyber risk."

Some among the CISO exodus are doing so due to unforeseen pressures being applied to their specific positions and companies. For instance, Twitter's CISO, Chief Privacy Officer, and Chief Compliance Officer all left after Elon Musk's purchase of the company and ensuing changes to policies and procedures. 

So it appears that CISOs and the cybersecurity profession as a whole are not immune to "The Great Resignation." The reasons for CISOs leaving roles likely don't vary much from other professions experiencing loss of top roles and talent. People want:

  • Work-life balance
  • To keep their ability to either work from home or keep a hybrid option and not being required to work in the office
  • To feel respect and appreciation
  • Accountability for how their company affects the environment, or its policies on politically charged issues such as LGBTQ  and immigration rights

Employees have more power than ever, and they have no problem making the decision to do what's best for them, even if it means lower pay for a less-stressful job. However, in many cases, they can find meaningful, rewarding work that still pays well—and perhaps even more than they were making before.