“If you want to keep [those department heads], think like a founder, not a function. Give them ownership, not just oversight. People stay when they’re building something that matters, not just protecting something that might break,” said de Silva, who until last year was the worldwide head of compliance testing at Citi, a role he held for seven years. “Retention isn’t about perks. It’s about purpose. If your team has no voice in shaping security culture, don’t be surprised when they find a company that gives them one. They want agency, not just direction.”
Although burnout is often seen as a driving force behind job dissatisfaction, de Silva disagrees.
“The problem isn’t burnout. It’s the bottleneck beneath the CISO. Mid-levels are carrying risk without being allowed to lead. If the only way forward is more pressure with no development, they’ll leave,” de Silva said. “Drop your top performers into cloud, fraud, or ops. It signals trust, builds range, and keeps them engaged. Boredom is a much bigger flight risk than burnout.”