CISOs must be “aggressive” and “innovative” in how they retain talent against the backdrop of an increasingly volatile jobs market, a new report from IANS and Artico Search has revealed.
The duo’s 2026 Cybersecurity Talent Report is based on interviews with over 500 US cybersecurity professionals.
It found that just 34% of respondents are planning to stay in their current role in the coming year, with 43% considering a job change – rising to 46% of senior professionals.
“Career progression, satisfaction with compensation and a healthy work-life balance all correlated moderately to strongly with job satisfaction,” the report noted. “Compensation progression also correlates with job satisfaction, but as a weaker driver.”
Regardless of pay level, even small pay increases are likely to result in higher satisfaction and a greater chance of individuals staying put compared with flat compensation, IANS said.
Read more on hiring and retention: CISO Pay Increases 7% As Budget Growth Slows
There were other clear signals from the report that could help CISOs improve talent retention. IANS claimed that hybrid work involving one or two days on-site per week delivers the strongest work-life balance outcomes.
It added that 73% of security professionals who see security as a core priority for the organization report job satisfaction, versus just a fifth (19%) who see little or no senior backing for the function.
“Security leaders are navigating a complex talent environment where expectations are rising, but resources are not,” said Steve Martano, IANS faculty member and partner at Artico Search.
“We still see junior-level cyber professionals commanding high levels of compensation, but it is clear that top-quartile talent is seeking more than just a hearty paycheck. Visibility, career growth, and support from security leadership are necessary to keep high performers”
Why Retention Matters
A separate IANS report from last year shows why retention is so important in today’s job market.
It revealed that over half of CISOs face staff shortages – usually the result of hiring or budget constraints. Respondents complained of a growing workload for existing staff, driving down morale and increasing quality assurance issues.
This ultimately weakens organizations’ defenses, the report claimed.
“Security leaders are being asked to do much more with the same or fewer resources than they had previously, and that fundamentally changes how they need to think about talent,” said Nick Kakolowski, senior research director at IANS.
“As pressure on cyber teams skyrockets, CISOs who double down on mentorship, coaching and career development can create a sense of purpose and progression that helps their employees avoid burnout.”
An ISC2 report from December claimed that 59% of global organizations have “critical or significant” skills shortages, up from 44% the previous year. The two biggest drivers were talent shortages (30%) and lack of budget (29%).
The vast majority (88%) of respondents said that these shortages have led to at least one significant cybersecurity incident.