CISO Community Pulse on the War for Talent

July 2022

Despite ongoing economic uncertainty – and the possibility of a recession – most CISOs report that their companies are nevertheless having trouble filling open positions. Employee recruitment and retention remain at the forefront as a race for talent takes hold in 2022.

We asked CISOs across Evanta communities what they think is causing the talent shortage and what they’re doing to combat it. Here is what nearly 250 senior security leaders told us about talent issues and the impact on their outlook for the remainder of the year and beyond.

What’s Causing the War for Talent?

65% of CISOs indicate that their organization has more open positions now than in years’ past, with 26% reporting that the current level of open roles is about the same as past years. When asked what they attribute this to, many CISOs say the supply and demand for workers is out of balance (60%), with the evolution of the new world of work (57%) a close second choice.


For the 12% of security executives who said there was another cause, these are some of their responses:

We are running out of security expertise and talent!”

Nothing is quite as normal, and I think it’s hard to attribute it to anything specific until the dust settles a bit.”

Skilled cyber folks are actively working, and there is a gap to train new resources.”


How Long Will It Last?

48% of CISOs think the talent shortage “will remain this way for the foreseeable future.” Almost one-third (28%) believe this phenomenon will last for 12 months or more.

What About the Economy?

When asked if they think that finding and recruiting talent will be an issue even if there is a recession declared later this year, 72% of security leaders said yes, the talent shortage will still be an issue. 

What Are Companies Doing to Recruit Employees?

With regard to whether their main challenge is recruiting or retention, 59% of CISOs say that recruiting new employees and retaining current employees are equally challenging right now. They cite promoting company culture (82%) and offering flexible work arrangements (81%) as the top two ways they are recruiting new employees.

Interestingly, the top 3 recruitment strategies are exactly the same as what executives reported they were doing in our Great Resignation survey in October last year.

How Are Companies Retaining Employees?

There are three, clear strategies CISOs are focusing on to retain current employees: offering more flexibility (71%), improving company culture and employee engagement (68%) and reviewing compensation and benefits (65%).

In a similar vein to recruiting, the top 3 retention strategies are the same as what security leaders told us they were focusing on in our Great Resignation survey in October 2021.

Is This a Sequel to the Great Resignation?

We asked CISOs if they were thinking about the race for talent differently than the Great Resignation. Here is a sample of their comments:

Given the specific skills required in cyber security careers, general compensation practices, and extensive possibilities for remote work, I don’t believe the Great Resignation impacted the cyber workforce as extensively as other industries.

Now that the economy is an information-based economy, the demand for certain roles will not abate any time soon. Well-trained, seasoned security professionals will only see continued demand. Should a recession be confirmed, it will be even more critical to protect organizations.”

COVID changed remote work forever. Getting people to go back into the office 5 or 6 days a week is simply not going to happen for most companies (nor should it).”

Most involved in the Great Resignation are getting jobs someplace else. A key driver from the feedback we have received is flexibility.”

If you are a CISO navigating the war on talent, explore an opportunity to collaborate with your peers or join a community at 


Based on 240 responses to Evanta’s Community Pulse Survey, July 2022.


by CISOs, for CISOs

Join the conversation with peers in your local CISO community.