- Why Cybersecurity Professionals Are Considering the Exit Door in the Age of AI
- While 83% of organizations are using or planning to adopt AI for cybersecurity, 68% of cybersecurity professionals say the job has become harder.
- AI is Not Reducing Cyber Workforce Pressure yet, but May be Exposing a Leadership Gap.
- “AI is not smarter than humans”
- Cybersecurity’s Problems Go Beyond the Screen
- “There’s so much stress for productivity”
- Full-Time CISOs are Disappearing
- Leadership Effectiveness May be the Real Gap
- Takeaways
Why Cybersecurity Professionals Are Considering the Exit Door in the Age of AI
While 83% of organizations are using or planning to adopt AI for cybersecurity, 68% of cybersecurity professionals say the job has become harder.
New research from ISSA and Omdia suggests that cybersecurity’s AI revolution has not yet delivered relief to the people defending modern enterprises. While 83% of organizations are using or planning to adopt AI for cybersecurity, 68% of cybersecurity professionals say the job has become harder. Even more concerning, nearly half have considered leaving their current role, and 57% have considered leaving the profession entirely. The findings point to a widening gap between executive expectations, CISO authority, security team workload, and the realities of defending organizations in an AI-driven threat landscape.
AI is Not Reducing Cyber Workforce Pressure yet, but May be Exposing a Leadership Gap.
It appears almost contradictory that while more companies rely on AI as a crutch or relief, more security teams are experiencing complexity concerns with more alerts, more governance risk, and more pressure. This tension builds because when the system fails, AI is not the one being blamed; instead, the fault lies with the staff and CISOs.
“AI is not smarter than humans”
– Dr. Shawn Murray, CISO and Former President of ISSA
Cybersecurity’s Problems Go Beyond the Screen
AI Three different workforce stress factors tend to appear throughout the study, with one of which being the fact that security leaders are facing increased workloads. When asked why working as a cybersecurity professional is more difficult today than it was two years ago, 55% of respondents confirmed that complexity and workload have increased. Another factor that was brought up is the adoption of new programs; 72% of respondents agreed that technology decisions are often made without cybersecurity team involvement, creating challenges to secure adoption. In a discussion with Dr. Shawn Murray, CISO and Former President of ISSA, it was emphasized that as new technology and AI is folded into the workforce, strain leans on to IT and cyber teams and causes tribal knowledge loss. Dr. Murray made the statement that “AI is not smarter than humans”. A third workforce stress factor is burnout, and 37% of respondents stated that an impact of a shortage of cybersecurity skills has on an organization is increased burnout and attrition. Of the respondents who are considering leaving the cybersecurity profession, 53% confirmed it was due to high stress associated to the career and 34% said that it did not provide a good work/life balance. Melinda Marks, Practice Director, Cybersecurity at Omdia, replied in an interview with Cyber Defense Magazine that “There’s so much stress for productivity”.
“There’s so much stress for productivity”
– Melinda Marks, Practice Director, Cybersecurity at Omdia
Full-Time CISOs are Disappearing
Over the past two years, the number of full-time CISOs dropped from 76% to 63%, while virtual CISOs rose more than threefold, from 5% to 16%. It may reflect budget pressure, CISO liability concerns, fractional leadership models, SMB adoption, or executive misunderstanding of the role. Marks stated that “With AI adoption, people realize it is a security risk and CISOs and security teams need a seat at the table to make sure this is happening safely”. With the number of CISO’s deflating, their responsibilities are being sloughed onto the IT department.
Leadership Effectiveness May be the Real Gap
It is also important to address that some employees are leaving and not being replaced by leadership. Of the respondents who are considering leaving the cybersecurity profession, 33% stated that it is due to a lack of leadership commitment to cybersecurity in an organization. It is vital for leadership to have a strong commitment to cybersecurity, and that factor was deemed as the top factor for determining the level of job satisfaction. If leadership does not communicate, it can cause unrest and dissatisfaction amongst employees.
Takeaways
AI can help cybersecurity teams, but only when it is paired with better leadership, clearer strategy, stronger governance, realistic staffing, and a board-level understanding that cyber resilience depends on people as much as platforms. These stressors existing not only harm the company, but also hurts the staff.
Marks stated that living in today’s day and age within cybersecurity. Fundamentals do not go away. “As long as we are there with a strong community that shares information, we can be a team player.
Dr. Murray added that this study is not just on AI, it covers those who work entry level to senior roles and advised that if someone wants or needs help, to go to networking events, get together, go to ISSA chapter meetings. In the words of Dr. Murray, “Collaboration is key for the CISO to be successful”.
The full eBook is available at https://issa.org/life-and-times-of-cybersecurity-professionals-volume-viii/
Learn More About ISSA: ISSA, the Information Systems Security Association, is the cybersecurity profession’s longest-standing member organization, connecting the cybersecurity workforce at every level and career stage through peer networks, professional development, research, and local chapter communities worldwide. ISSA is where building a career in cybersecurity gets the support it deserves.
Learn More About Omdia: Enterprise Strategy Group, now part of Omdia, provides focused and actionable market intelligence, demand-side research, analyst advisory services, GTM strategy guidance, solution validations, and custom content supporting enterprise technology buying and selling. Melinda Marks serves as Practice Director, Cybersecurity.
About the Author
Carmen Estela is a Cybersecurity Research Analyst at Cyber Defense Magazine and a Women in Cybersecurity Award Candidate. She recently graduated with a Master’s of Science Degreefrom the University of Central and holds a Bachelor’s degree in Criminology from the University of Florida with certifications in Data Analytics and AI Fundamentals. She frequently speaks and volunteers at well-known industry gatherings, such as BSides Orlando and BSides Jax, where she offers her perspectives on emerging cyber trends. Carmen is committed to advancing the standards of governance, risk, and compliance within cybersecurity. She has also served as an adult protective investigator, police dispatcher, and legal intern, applying investigative skills across law enforcement, academic, and public service settings.
Reach her online at [email protected].
