Cybersecurity pros feel overworked, underpaid, and often ignored. Organizations must address these issues to maintain strong security, comply with cybersecurity mandates, and protect all our data\n\nOctober is National Cybersecurity Awareness Month (NCSAM), a 20-year US tradition dating back to 2004. NCSAM is associated with awareness of threats and trends, highlighted for training of executives and the population at large. In the spirit of cybersecurity awareness, however, I thought I would write about the status of cybersecurity professionals to make CISOs, HR professionals, and business managers more cognizant of their current situation.\n\nAccording to new research from the Enterprise Strategy Group and the Information Systems Security Association (ISSA):\n\nCybersecurity skills shortage persists\n\nIt\u2019s safe to assume that much of the cybersecurity professional negativity is related to the global cybersecurity skills shortage. While I\u2019m skeptical about the raw job numbers often associated with this topic, the ESG\/ISSA research does indicate that 71% of cybersecurity professionals say their organizations has been impacted by the cybersecurity skills shortage, creating a situation with increasing workloads, open jobs, and high burnout\/attrition rates. Clearly, there\u2019s a correlation. CISOs can\u2019t hire their way out of this situation so they\u2019ll have to focus on things like better analytics, process automation, and professional\/managed security services to augment internal staffing and skills.\n\nOrganizations face increasing cybersecurity requirements from SEC disclosure rules to achieving Cybersecurity Maturity Model Certification, to complying with changes within the EU Cybersecurity Act, to working toward the National Cybersecurity Strategy.\u00a0Oh, and let\u2019s not forget the hurdles to jump over for purchasing cyber insurance at a reasonable premium. Getting there will require an efficient, productive, and, dare I say, happy cybersecurity workforce. During national cybersecurity awareness month, it\u2019s worth assessing whether the infosec staff is satisfied with their jobs or stressed out and ready to move on. All of us depend upon prudent management here.