Finding and hiring talented cyber security analysts is difficult enough, but once talent is hired, trained and deeply familiar with your organization’s architecture, tools and security operations, the real challenge begins – keeping them from quitting.

Top cyber security pros are a hot commodity and they know it. According to the ESG and ISSA State of Cyber Security Professional Careers ESG Survey, “46% of organizations claim to have a problematic shortage of cyber security skills.” And roughly half of cyber professionals surveyed reported being approached by recruiters at least once a week. You should assume your best team members are being actively recruited by other companies, which are likely offering them exciting challenges, amazing opportunities for growth and yes, higher salaries. If all this has you wracked with anxiety like a paranoid lover – it should. But there is hope. Don’t just suffer from fear and jealousy; take action to keep your most prized team members happy at home in your SOC.

First, we need to understand the root cause of SOC analyst churn…

5 Reasons security analysts quit

1 – Lack of Room for Growth

The problem with managing smart, ambitious people is that they are smart and ambitious. The best cyber security analysts are highly intelligent, fast learners and love a good challenge. Unfortunately, the day-to-day operations of your SOC may be fairly monotonous, leaving your best people unsatisfied over time. Security operations managers should constantly be looking for ways to reward, acknowledge and advance their highest performing team members.

2 – Not Enough Training Opportunities

A recent ESG survey showed that fully one-third of those polled cited “lack of training” as a main motivating factor when it comes to looking for new employment possibilities. Continued professional training is an important part of employee satisfaction. Don’t let training get pushed aside amongst the grueling pressure of a demanding SOC. Schedule and budget training sessions as ‘non-negotiable’ and get creative about new ways to challenge team members and develop skills.

3 – Burnout and Alert Fatigue

Your best analysts can fly through a mile-high stack of alerts at break-neck speed and never miss a thing. So how do you reward them? More work. On the one hand, it’s perfectly fair. You hired them for their expertise and efficiency, for their ability to perform under pressure. But you need to be aware of burnout and alert fatigue. Too many alerts create a particularly pernicious type of stress, experienced when a person has no control over the pace of incoming work and the work literally never ends. The result is that the situation feels impossible, with no way out – except to quit.

4 – Security Approach is Weak and Out-of-Date

According to the ESG study, lack of company-wide support is the number one reason why analysts look for greener pastures. It is difficult for analysts to remain motivated when they feel like the powers that be are working against them. Cyber security analysts need to feel like heroes and know the top brass has their back. If your organization fails to provide the proper state-of-the-art tools to help them in their daily work, the result can be frustration and downright insult. Make sure cyber security is a valued and esteemed part of your corporate culture so your best team members will be motivated to stick around and fight for the home team.

5 – Financial Motivators

Yes, money matters. Financial compensation does play a role when it comes to reasons that analysts look for new opportunities. That is to be expected in such a demanding and highly technical field. And with zero percent unemployment and a growing skills shortage, upward pressure on salaries is expected to continue to climb for the foreseeable future. There is no way around this one. Keep up to date on salary and compensation trends and make sure you are competitive.

So what’s the one trick that can keep top analysts happy at home? Training.

Challenge Analysts with Cyber Training

According to the ISSA and ESG survey, when asked if their current employer provides the cyber security team with the right level of training to keep up with business and IT risk, more than half (56%) of survey respondents answered “no.” Don’t make this mistake. Keep cyber security analysts engaged, challenged and happy as larks by providing the best possible training opportunities. Build a robust framework to teach, test, practice and refresh skills. Each time the industry is aflutter talking about the latest attack strategy, give your team a chance to jump in and learn to defend against it. But don’t stop with dry updates and lectures. Put their response skills to the test in a realistic, fully simulated environment that will both get their blood pumping and give them the pride and confidence of knowing that they are ready to face the most dangerous breaches.

The more realistic the simulation the better. Simulations are not only proven to be the best way to learn and master a new skill, they are also a lot of fun. Every great security analyst dreams about facing off against the world’s most renowned hackers. Provide plenty of opportunity for your SOC team members to face new challenges and sharpen their skills in a fully equipped cyber simulator to keep them engaged, growing and satisfied.

Training is often looked at as a tacked-on afterthought, something that is only done when there is nothing left on the SOC to-do list. But the reality is that training is key to keeping analysts engaged, because it provides a framework to test and refresh their skills on a continual basis. Hands-on training also gives analysts a chance to sharpen their classroom-based skill set so that they can use those skills effectively when they need to in real life. Training also keeps analysts at the fore of technological trends and methodologies, ensuring they stay up to date.
