Connect with us

Hi, what are you looking for?


Management & Strategy

Gaining and Retaining Security Staff in The Age of the Great Resignation

Cybersecurity employers need to adapt their recruitment and retention practices to gain from benefits and minimize detriments

Cybersecurity employers need to adapt their recruitment and retention practices to gain from benefits and minimize detriments

We live in interesting times for cyber talent recruitment and retention. The task is never easy, but is now affected by two conflicting pressures: the ‘Great Resignation’ leading to staff departures, and the growth of remote working potentially increasing the pool of available applicants as replacements. 

The latter is both an advantage for gaining new talent, and a contributor to the Great Resignation. Both effects are arguably influenced by the Covid-19 pandemic. SecurityWeek talked to Jon Check, executive director of cyber protection solutions at Raytheon Intelligence & Space to gain practical insight into today’s staffing problems and solutions. Raytheon I&S provides services and support to customers largely in the government and the defense industries.

The Great Resignation

One unknown of the Great Resignation (GR) is whether it is a net gain or loss to cybersecurity. Are people leaving the profession, or leaving other employment to come to the profession? Check believes that in the long term it will be a net gain – but only if the industry gets the underlying basics of staff attraction and retention correct.

The GR has multiple causes; and we don’t yet know whether it is a temporary phenomenon or part of a permanent change in employment behavior. There are four current primary causes. Two suggest that it may be temporary while two suggest it may be more permanent. 

The two temporary causes are directly pandemic-related. First, the sheer traumatic effect of the Covid-19 pandemic, with millions of deaths, high transmissibility and long periods of isolation has led to mass life/work revaluations. High stress professions – and cybersecurity is one of these – suffer most in such circumstances: is the job worth the stress?

Advertisement. Scroll to continue reading.

The second cause is also related to the pandemic. “When the pandemic started, nobody knew what was going to happen,” explains Check. “People considering a change hunkered down. They had a job, so it was worth hanging on to it.”

Raytheon I&S had a very low attrition rate during the first 12 months of the pandemic. “Six months later,” continued Check, “we are all getting accustomed to pandemic effects, and the block on the natural churn of employees has been released.” If this idea is accurate, it could suggest that the GR will tail off and we will eventually return to a more normal level of staff churn.

The two indications that GR might become more permanent, however, come from remote working and an evolving change in employment behavior. Remote working was not caused by the pandemic but accelerated by it. The effect on staff churn is that it removes the practical friction from job-hunting. Remote workers have no fear that their current employer might become aware of their alternative job seeking. They can make confidential enquiries and applications online at any time. Changing jobs is simply easier for the remote worker.

The second argument for permanence to the GR is something observed by Check over the last few years: the importance of ‘a job for life’ is no longer so important. “People have started to work for shorter periods with multiple companies rather than staying with one employer for a long period of time,” explains Check. He believes that this is a growing trend in work behavior – and if he is right, it could counterbalance any reduction in staff churn caused by the relaxation of pandemic-related pent-up churn.

Overall, it may be that the GR is another phenomenon that has been accelerated rather than caused by the pandemic – it may simply be something that employers must learn to accommodate.

[ Read: Is the ‘Great Resignation’ Impacting Cybersecurity? ]

The remote working pool

The expansion of remote working is another phenomenon often ascribed to the pandemic when really it has merely been accelerated – albeit on a large and rapid scale – by Covid-19 effects. It brings its own advantages and disadvantages. We’ve discussed the disadvantage in its contribution to the Great Resignation. Its primary advantage is a huge expansion of the pool of available employees.

Remote working benefits most companies, and usually more so than it benefits Raytheon I&S. “It depends on our customer and the mission,” Check told SecurityWeek. “For some customers, like government, we must have bodies in the office. But in general, for functions like on-site response at a customer, we don’t need to have the staff here.”

One of the things he works on with his customers every day is to discuss specific job functions. “How do we adapt that function and successfully make sure that it can go remote?” he explained. This provides a wider choice of potential candidates to fulfil the function – but then, “How do we ensure that we make sure the person is successful, they’re accomplishing the functions and activities we need them to, and we’re able to provide feedback and guidance on how to perform to what our customers are expecting.”

This begs a question: how do you even find potential remote workers? “Social media,” he replied. “It’s the greatest recruitment platform you can possibly find. We look for who’s active in our space — who is participating with relevant blogging, and in Twitter conversations, providing insights into TTPs. The plus side of social media is that you get to see who are the thought leaders and who are the people that care and are participating; and that helps us identify candidates – which can potentially expand to include the candidates’ own circle of friends and colleagues.”

Navigating the current situation

The pandemic may eventually pass. The Great Resignation and remote working may modify, but will probably remain. Cybersecurity employers will need to adapt their recruitment and retention practices to gain from any benefits and minimize any detriments. Check is adamant that this requires doubling down on existing good practices.

Key to this is looking everywhere with an open mind for new candidates. “We do a lot working with educational establishments to help identify cybersecurity talent, but we know we have to follow up with training. We can’t expect someone to come in with the perfect résumé. If they have the right aptitude and characteristics, we’ll hire them without the perfect résumé, because we know we can train and mentor them in-house. It’s such a multi-faceted problem that there is nowhere you shouldn’t look for potential talent.”

Check is one of those leaders who won’t automatically eliminate any candidate. This includes the employment of an ex-hacker. “It would depend on the rules that apply to our individual customers. But in principle? Absolutely. Hackers’ insights could be invaluable. Why not use their technical superpowers for good rather than evil? I support the idea that people can reinvent themselves.”

Finding people is one thing – keeping them is another. Apart from the basics like adequate compensation and benefits in a good environment, Check believes that maintaining a high interest level is essential. This is achieved through training new skills and continuous mentorship.

“We’re also really focused on cybersecurity training,” he explained. “When somebody joins the team, we have a cyber academy to build skills to allow the person to grow and evolve. Key for someone to have a great work experience is to be able to continue learning new skills. Also, and most importantly, the leaders must be focused on a ‘people first’ approach. So, we’ve established a culture that we call ‘Cyberlandia’ – it’s a place with happy employees ready to tackle the hardest problems; a place where everybody’s voice is heard, and everyone is welcome.”

The key to navigating the Great Resignation is to turn the problem into an opportunity. People moving on from one industry can be attracted into cybersecurity with the right leadership approach and the right benefits on offer. Those same approaches will limit staff exodus through remote working, while providing access to the larger pool of remote staff.

Related: With the ‘Great Resignation’ Comes the ‘Great Exfiltration’

Related: NSA Issues Cybersecurity Guidance for Remote Workers, System Admins

Related: CISO Conversations: Mastercard, Ellie Mae Security Chiefs Discuss the People Problem

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.