Nov 28, 2023 - Technology

Exclusive: Fewer cyber pros fired following cyberattacks, data breaches

Illustration: Shoshana Gordon/Axios

Corporate cybersecurity teams are now more likely to get support from their boards than to lose their jobs after a cyberattack, according to new data from cyber company Trellix first shared with Axios.

Why it matters: Cybersecurity professionals have long feared they would be fired and made the scapegoat for their organization after a company data breach or cyberattack.

  • But the new survey data suggests that attitudes within the board room and C-suite are starting to change.

By the numbers: Only 13% of the 500 chief information security officers surveyed as part of Trellix's "The Mind of the CISO" report said their company fired people or reduced staff in the first year following a major cybersecurity incident.

  • 23% said their companies reduced staff one to three years after an incident, and 31% said their companies fired people more than three years after the event.

Between the lines: In the immediate aftermath of an event, companies are instead likely to increase cybersecurity budgets.

  • 46% of CISOs said their companies increased budgets for new tools and technologies after an incident.
  • 38% said their companies created new jobs and responsibilities post-incident, and 44% added new contracted services to their cybersecurity program.

Yes, but: The Trellix report shows that job losses are still happening — not immediately after a cyberattack occurs, but once the company better understands how it happened.

  • "Perhaps impacts to the team aren't an immediate change following an incident but occur as time passes, when the dust has settled, and CISOs look to restructure or make team overhauls," the report notes.

The big picture: Some CISOs are facing legal complaints and job losses after major incidents, and forthcoming Securities and Exchange Commission regulations are putting CISOs on edge for additional liability risks.
