The trend is changing: if until now IT executives were more often fired after cyber security breaches, the shortage of staff causes companies to keep their experts

In 2021, the number of organizations that laid off senior IT staff if they had a major security breach was reduced to less than half (7% in 2021, compared to 12% in 2018), the reduction being similar for staff IT security (8% compared to 14% in 2018).

According to the Gartner 2020 survey of boards, by 2025, 40% of boards will have a dedicated cybersecurity committee, overseen by a qualified director. The role and responsibilities of IT security directors become very important, given that cyber security risks are the second most critical source of risk for companies, after the risk of regulatory compliance. It will be very important for organizations to keep their experts in position, given the lack of skills in the market.

“The Economy of IT Security 2021: Managing the Growing Trend of IT Complexity” reveals that fewer companies are now laying off employees because of security breaches. In 2018, the measure was more common – 31% of cases – in response to data leaks, compared to 21% in 2021.

The distribution of employees who could lose their jobs as a result of a breach of cybersecurity policies has also changed. In addition to top IT positions and IT security, top executives are now less likely to be exposed to layoffs – 4% in 2021, compared to 7% in 2018. The downward trend is also relevant for non-IT senior staff. As a result, the overall differences between IT and non-IT, senior and non-senior positions, have narrowed compared to a few years ago.

The need to maintain and cultivate expertise is also reflected in budget planning: 38% of companies report the need to improve the level of cybersecurity expertise as the main reason to increase their IT security budget. In fact, this is the second most common reason, followed only by the increased complexity of the IT infrastructure (47%). In addition, by investing in their own specialists, employers are interested in retaining their expertise within the company, so that employees can develop their skills in the future.

Details on cyber security management, budgets and recent trends in responding to information incidents in the report “The Economics of IT Security 2021: Managing the Growing Trend of IT Complexity” can be found here .