
Burn and Churn: CISOs and the Role of Cybersecurity Automation

Organizations need to listen to their CISOs and start turning to cybersecurity automation for the qualitative benefits of employee satisfaction and well-being.

Burnout in cybersecurity

CISOs have never been more important to organizations than they are today. Threat actors are capitalizing on unprecedented disruption due to economic and geopolitical uncertainty to launch increasingly advanced attacks. Seasoned security leaders bring the requisite depth of experience to ensure their teams have the tools and processes in place to address the latest threats. Additionally, new SEC cyber incident disclosure rules come into effect starting this month. So, organizations must ensure they have adequate security expertise on their board in order to comply with the requirement that they “describe the board of directors’ oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from cyber threats.”

The flip side is that CISOs – and their teams – have never been more stressed. Between an overwhelming workload, constant firefighting, technology issues, keeping up with compliance audits, and fear that a compromise will make the headlines, there are many reasons why stress is rampant. In fact, burnout is one of the top reasons CISOs cite for leaving their jobs according to new research by Enterprise Strategy Group (ESG), and 55% of cybersecurity professionals say they experience on-the-job stress at least half the time.

Just when organizations need their security leaders to step up even more, a rising number are considering stepping away. However, a strong consensus has emerged that cybersecurity automation can help break the cycle of burn and churn.

The role of cybersecurity automation

Last year, senior cybersecurity professionals at companies in the U.S., U.K. and Australia were divided on the best way to determine cybersecurity automation ROI. But this year, 61.5% report that ROI is measured by how well they are managing the team in terms of employee satisfaction and retention. Less than half that figure (29%) say ROI is determined by how well the solution is performing in security terms. This points to a signal shift in what organizations view as the “point” of investing in cybersecurity automation – the prime motivation is to improve the experience of employees.

I’ve been talking about the interplay between automation and the human element for years, and it’s been two years since I first used the term balanced automation. When you balance automation so that machines take on the tedious, repetitive tasks that you don’t need your people to do, including time-consuming manual monitoring, identification, triage, and prioritization, you can free up analysts to focus on more interesting and fulfilling work. This is now being proven by the prevailing thinking among CISOs that the value of automation is to remove the pedantic, administrative aspects of security and address the biggest issue they face: high team member churn rates.

Additionally, employee turnover is costly. The standard industry range of 100-200% of an employee’s annual salary in hiring, onboarding, development, and unfilled time is just the beginning when replacing cybersecurity talent. You also lose finely honed skills, institutional knowledge, and team camaraderie that are hard to replace and integral to security efficiency and effectiveness. In a highly competitive and tight labor market, in which there are currently more than 572,000 job openings in the U.S. alone, finding qualified workers takes even longer and can expose the organization to additional risk.


CISOs are speaking up loud and clear. When their teams burn and churn, so do they.

The pressure on executive leadership and boards to retain their security leaders and teams is two-fold: to meet new SEC requirements and to defend against a rising volume and variety of increasingly advanced threats. However, research shows few organizations have security representation at executive levels, much less on their boards. And not a day goes by without news of damaging cyberattacks in the headlines.

Organizations need to listen to their CISOs and start turning to cybersecurity automation for the qualitative benefits of employee satisfaction and well-being. There’s never a good time to lose good people but especially now, organizations can’t afford to lose the valuable security leaders and analysts they have.

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies.

