Nearly a Third of Cybersecurity Leaders Considering Quitting

Cheyenne, Wyoming, November 1, 2022 – Almost a third (32%) of CISOs or IT Cybersecurity Leaders in the UK and US are considering leaving their current organization, according to new research from BlackFog, released today. Of those considering leaving their current role, a third of those would do so within the next six months. These findings come as demand for cybersecurity talent intensifies, with reports of hard to fill vacancies and skills shortages across UK and US organizations.

This research, which explored the frustrations and challenges faced by cybersecurity leaders also highlights the impact that cyber incidents have on turnover and job security. It revealed that of those who had been a CISO or IT security leader at a previous organization, two fifths (41%) either left, or were let go, due to an attack or data breach.

When asked about the aspect of their role that they disliked most, 30% cited the lack of work life balance, with 27% stating that too much time was spent on firefighting rather than focusing on strategic issues.

However, their role in keeping their organization safe from cyberthreats was clearly valued, with 44% of respondents stating that the most enjoyable aspect of the job is being the company ‘protector’ and having the ability to keep everyone working securely.

“Cybersecurity expertise has never been more in demand; however, these numbers highlight a serious issue with retention in the field. Board members and the C-Suite must recognize that keeping a strong team of IT security leaders is essential for their company’s safety and security. said Dr. Darren Williams, CEO and Founder, BlackFog.

“Recruiting is a challenge globally, and with stiff competition to attract the best talent, organizations need to address the well-being and work-life balance issues that have persisted across the industry. Organizations do not want to run the risk of having a lapse in their security posture in the wake of losing their CISO.”

Escalating cybersecurity threats are driving new innovations to help organizations improve their cybersecurity posture, however, BlackFog’s findings show:

• More than half, 52%, admitted that they are struggling to keep up to date with new frameworks and models such as Zero Trust.
• A further 20% felt that keeping the skill levels of their teams in line with these was a ‘serious challenge’.
• 54% also felt that they weren’t able to keep up to date with information on the latest cybersecurity solutions such as anti data exfiltration.
• 43% of respondents found it difficult to keep pace with the newest innovations in the cybersecurity market. This number varied by country, with 49% of US respondents agreeing versus 36% in the UK.

There were several key positives reflected in this study, especially in the realm of Board’s expectations for the respondents. BlackFog’s findings show that 3 out of 4 (75%) agree that there is a full alignment between the Board’s expectations of what they can achieve in their role and what they are equipped and able to deliver. In fact, two thirds (64%) of respondents were able to complete their priority tasks within the first six months of their starting date. This may be down to the fact that, on average, 27% of IT spending goes towards the security budget.

“These results show us that while the security leaders’ role comes with huge challenges and enormous pressures, there are encouraging signs that Boards are listening to their needs and there is, broadly, a strong level of alignment in terms of their expectations and leaders’ ability to deliver on these,” said Dr. Darren Williams, CEO and Founder, BlackFog. “Adapting to a fast-changing landscape is key, however, and organizations need to ensure that their security teams are given the time and resources to devote to keeping pace with the latest thinking, frameworks and innovations designed to lower their cyber risk.”

BlackFog is the category-defining vendor in anti data exfiltration (ADX). Founded in 2015, the company invented ADX on the thesis that the endpoint is the only control point capable of stopping data from leaving an organization, an architectural bet that has now been validated across three exfiltration vectors: ransomware, shadow AI, and autonomous AI agents. BlackFog’s endpoint-native platform protects more than 500 enterprises, government agencies, and critical infrastructure operators worldwide. 

The company is the publisher of the annual State of Ransomware report and the BlackFog/Sapio Shadow AI Research, the most-cited primary research in the category. BlackFog’s recognition includes the teiss Awards 2026, the AI Excellence Award 2026, the Cybersecurity Excellence Awards 2026, and the Cybersecurity Breakthrough Award. Headquartered in San Francisco with international operations in London and Belfast. Learn more at blackfog.com.

The results from this survey are from an online survey Sapio Research fielded on behalf of BlackFog with IT Cybersecurity Leaders and Decision Makers in companies of over 500 employees across the UK (200) and US (205). The research was conducted in August and September 2022.