IT Execs Half as Likely to Face the Axe After Breaches

Senior IT and cybersecurity professionals are nearly half as likely to be fired following a data breach today versus three years ago, according to new data from Kaspersky.

The security vendor’s research, IT Security Economics 2021: Managing the trend of growing IT complexity was compiled from interviews with thousands of IT decision makers across the globe.

It revealed that just 7% of organizations laid off senior IT staff following a security breach in 2021 versus 12% in 2018. The figure for senior security staff was 8% this year versus 14% three years ago.

Overall, the trend is the same: 31% of firms fired staff in various roles in response to data breaches in 2018, compared to 21% this year. C-level executives are also around half as likely to be sacked – 4% in 2021 compared to 7% in 2018.

The findings may indicate that skills shortages are biting across the globe.

The latest study from ISC2 revealed that 2.7 million security professionals are still needed worldwide. Although this is the second year in a row the figure has fallen, the workforce is still 65% below what it needs to be.

“As digital transformation intensifies, not only does the need for well-trained professionals grow, but so does management’s awareness of cybersecurity. Incidents cannot be completely ruled out,” explained Sebastian Artz, head of cyber and information security at German digital association, Bitkom e.V.

“The highest possible level of cybersecurity depends on an adequate strategy, represented by IT security experts. We therefore very much welcome positive trends regarding the appreciation of specialized staff.”

However, the findings are less positive if viewed as proof that under-performing or negligent staff are becoming impossible to fire.

The report revealed further evidence of the continued need to improve in-house skills.

When asked their main reason to increase IT security budget, 38% of respondents pointed to the need to improve specialist security expertise, second only to the “increased complexity of IT infrastructure” (47%).