How do you keep a high-value team when fewer than four in ten say they intend to stay? That is the blunt dilemma facing chief information security officers (CISOs) and security leaders after a new IANS report found that just 34% of cybersecurity professionals plan to remain in their current roles over the next 12 months.
What the report says
The IANS report, summarized in recent reporting, presents a snapshot that organizations cannot afford to ignore: a clear decline in job satisfaction among cybersecurity staff and a corresponding erosion of near-term retention. The report’s headline figure — that only 34% of cybersecurity professionals intend to stay in their positions for the coming year — is presented as the focal point for the report’s argument that CISOs must innovate on talent-retention strategies.
Why this matters now
When a profession responsible for protecting critical systems and sensitive data signals instability, the implications are broad even if they are not spelled out in the report. Talent churn complicates continuity of operations, increases the burden on remaining staff, and raises recruiting costs. For security leaders, the figure reported by IANS serves as a warning: conventional approaches to staffing and incentives may not be sufficient in a climate where job satisfaction is declining.
Different perspectives on the problem
- Technologists: Security teams facing higher turnover are likely to see institutional knowledge depart with departing staff. That makes maintaining complex controls and responding to incidents more difficult over time, especially for organizations that rely on lean teams.
- Policymakers and organizational leaders: The IANS finding spotlights a workforce issue that intersects with operational resilience. It suggests a need to reexamine retention strategies and workforce development programs, and to consider how organizational policy and investment support—or fail to support—security personnel.
- End users and customers: Customers and employees depend on stable security operations. A workforce with lower job satisfaction and higher mobility can erode confidence in an organization’s ability to anticipate and mitigate risks effectively.
- Adversaries: Any discernible weakening in retention or morale within defensive teams can be an incentive for opportunistic threats. Adversaries exploit gaps in staffing continuity and the learning curve that accompanies onboarding new defenders.
What leaders are being urged to do
The central prescription emerging from the IANS report is straightforward: CISOs are urged to innovate on talent retention. Innovation in this context can mean rethinking how roles are structured, how success is measured, and how organizations invest in the long-term careers of security professionals. The report frames retention as a strategic priority rather than an HR afterthought.
For security chiefs and their boards, the report’s message is clear without being prescriptive: failing to address declining job satisfaction will limit an organization’s ability to sustain mature security programs. The 34% figure is a benchmark and a call to action — a signal that traditional retention tactics may no longer be adequate.
The next steps are not spelled out line by line in the reporting, but the logic is plain: diagnose the drivers of dissatisfaction, experiment with different retention levers, and measure outcomes. That approach requires candid assessment from leadership, investment in people and processes, and a willingness to try new models.
If protecting systems depends as much on keeping experienced staff as it does on technology, then the IANS statistic is more than a survey result: it is a risk indicator. Will organizations treat it as such, and will CISOs be empowered to change course before turnover becomes a breaking point?
