Why Cybersecurity Experts Are Thinking About Quitting in the AI Era
Although 83% of companies are using or planning to implement AI for cybersecurity, 68% of professionals in the field say their jobs have grown more difficult.
A new study by ISSA and Omdia reveals that the AI transformation in cybersecurity has not yet eased the burden on those tasked with protecting modern businesses. While 83% of organizations are either using or planning to adopt AI for cybersecurity, 68% of cybersecurity professionals report that their work has become more challenging. Even more alarming, almost half have thought about leaving their current positions, and 57% have considered walking away from the profession altogether. These results highlight a growing disconnect between what executives expect, the authority given to CISOs, the workload on security teams, and the actual challenges of defending organizations against AI-powered threats.
AI Hasn’t Eased the Pressure on Cybersecurity Teams—and May Be Revealing a Leadership Shortage
It seems paradoxical: even as more organizations lean on AI as a support tool or safety net, security teams are grappling with greater complexity—more alerts, heightened governance risks, and mounting pressure. This strain intensifies because when systems fail, AI doesn’t take the blame; instead, the responsibility falls on staff and CISOs.
“AI Is Not Smarter Than Humans”
— Dr. Shawn Murray, CISO and Former President of ISSA
Cybersecurity Challenges Extend Far Beyond Technology
The study identifies three key sources of workforce stress. The first is that security leaders are shouldering heavier workloads. When asked why cybersecurity work is harder today than it was two years ago, 55% of respondents pointed to increased complexity and workload. The second factor is the rollout of new programs: 72% of respondents said technology decisions are frequently made without input from cybersecurity teams, making secure adoption more difficult. In an interview with Dr. Shawn Murray, CISO and Former President of ISSA, he stressed that as new technology and AI are integrated into the workforce, the strain shifts onto IT and cyber teams and leads to a loss of institutional knowledge. Dr. Murray stated plainly that “AI is not smarter than humans.” The third stress factor is burnout: 37% of respondents said the impact of a cybersecurity skills shortage on their organization includes higher burnout and turnover. Among those considering leaving the profession, 53% cited high stress tied to the career, and 34% said it failed to offer a healthy work-life balance. Melinda Marks, Practice Director of Cybersecurity at Omdia, noted in an interview with Cyber Defense Magazine, “There’s so much stress for productivity.”
“There’s So Much Stress for Productivity”
— Melinda Marks, Practice Director, Cybersecurity at Omdia
Full-Time CISOs Are Vanishing
Over the past two years, the proportion of full-time CISOs has fallen from 76% to 63%, while virtual CISOs have more than tripled, rising from 5% to 16%. This shift may reflect budget constraints, growing concerns about CISO liability, the rise of fractional leadership models, increased adoption among small and medium businesses, or a fundamental misunderstanding of the role at the executive level. Marks explained, “With AI adoption, people realize it is a security risk, and CISOs and security teams need a seat at the table to ensure this is happening safely.” As the number of dedicated CISOs shrinks, their responsibilities are increasingly being absorbed by IT departments.
Leadership Effectiveness May Be the True Gap
It’s also worth noting that some employees are departing and leadership is not replacing them. Among those considering leaving the cybersecurity field, 33% cited a lack of leadership commitment to cybersecurity within their organization. Strong leadership dedication to cybersecurity is essential, and it was identified as the single most important factor in determining job satisfaction. When leadership fails to communicate, it breeds unrest and dissatisfaction among staff.
Key Takeaways
AI can support cybersecurity teams, but only when combined with stronger leadership, a clearer strategy, more robust governance, realistic staffing levels, and a board-level understanding that cyber resilience depends just as much on people as it does on technology platforms. These stressors don’t just damage the organization—they take a real toll on the people within it.
Marks reflected on what it means to work in cybersecurity today: “Fundamentals do not go away. As long as we are there with a strong community that shares information, we can be a team player.”
Dr. Murray added that this study isn’t solely about AI—it spans professionals from entry-level to senior roles. He encouraged anyone who wants or needs support to attend networking events, connect with peers, and join ISSA chapter meetings. In Dr. Murray’s words, “Collaboration is key for the CISO to be successful.”
The full eBook is available at
Learn More About ISSA: ISSA, the Information Systems Security Association, is the longest-standing member organization in the cybersecurity profession. It connects cybersecurity professionals at every level and career stage through peer networks, professional development, research, and local chapter communities around the world. ISSA is where building a cybersecurity career gets the support it deserves.
Learn More About Omdia: Enterprise Strategy Group, now part of Omdia, delivers focused and actionable market intelligence, demand-side research, analyst advisory services, go-to-market strategy guidance, solution validations, and custom content to support enterprise technology buying and selling. Melinda Marks serves as Practice Director, Cybersecurity.
About the Author
Carmen Estela is a Cybersecurity Research Analyst at Cyber Defense Magazine and a Women in Cybersecurity Award Candidate. She recently earned a Master of Science degree from the University of Central and holds a Bachelor’s degree in Criminology from the University of Florida, along with certifications in Data Analytics and AI Fundamentals. She is a frequent speaker and volunteer at prominent industry events such as BSides Orlando and BSides Jax, where she shares her insights on emerging cyber trends. Carmen is dedicated to advancing governance, risk, and compliance standards within cybersecurity. She has also worked as an adult protective investigator, police dispatcher, and legal intern, applying her investigative skills across law enforcement, academic, and public service environments.
Reach her online at [email protected].
