Workers most impacted by the tech layoffs, however, have been those working in product management, product development, marketing, sales, and recruiting roles. People working cybersecurity roles are one group that has largely been unaffected by layoffs—and will continue to be somewhat immune. 

A new study published by (ISC)² shows that despite looming concerns about an economic downturn and layoffs in the tech industry, cybersecurity teams will be the least impacted by job cuts in 2023. (ISC)² is the largest nonprofit organization for certified cybersecurity professionals. For the study, (ISC)² polled 1,000 C-suite executives in December 2022 to assess the impact of a potential recession on cybersecurity teams.

“The good news is that members of the C-suite now view cybersecurity as a must-have, not a nice-to-have. They see the value in having robust cybersecurity departments,” Clar Rosso, CEO of (ISC)², tells Fortune. “The next step is making sure cybersecurity departments are clearly communicating that value-add.”

While 85% of respondents said they expect layoffs will be necessary at their organization, they anticipate that cybersecurity jobs will be the least affected by job reductions. In fact, just 10% of organizations responded that they’d be likely to cut jobs in cybersecurity, which is much lower than other business areas including human resources (30%), finance (24%), operations (24%), marketing (22%), and sales (22%).

Greater risk for cyber attacks means greater job security 

A weakening economy leaves more opportunities for cyberattacks because threat actors will “prey on vulnerable individuals with schemes like fraudulent apps or services that purport to help people save money,” Rosso explains.

Plus, having fewer cybersecurity workers on deck means fewer people defending against cyber attacks, she explains. Of the CEOs surveyed, 80% said they believe that a weakening economy would increase cyber threats.

“This isn’t rocket science—one man’s garbage is another man’s treasure,” Rosso says. “In this case, the economic uncertainty we’re facing is an absolute goldmine for threat actors.”

Not only will managers and executives need more people to prevent against impending cyber attacks, but they’ll also need to retain the top talent they have. This starts with ensuring that cybersecurity departments clearly communicate their value-add to the C-suite and other company executives. Be proactive: Show senior leadership what you’re working on now and what you plan to work on in the future that can help protect the organization, while keeping its strategic goals and associated risks in mind, Rosso advises.

“Strategic updates show value, and also build a relationship of trust with senior leadership,” she says. “Companies will start thinking about cybersecurity talent as critical if the departments make it known how critical they are.”

From an employer standpoint, Rosso also advises keeping employee morale to retain cybersecurity talent, which would include reducing workloads, understanding employee painpoints, and giving the option for remote work.

“Employees who feel valued are much less likely to leave for a different opportunity or become an insider threat,” she adds.

How layoffs impact entry-level cybersecurity workers

While job reductions in cybersecurity are predicted to be lower than other functions, C-suite leaders do anticipate that junior staff members could be impacted by layoffs at a higher rate than senior-level employees, (ISC)² research shows. However, these same leaders also recognize that job performance is the most important factor in determining layoffs, Rosso says. 

“Cybersecurity professionals at all levels obviously should be performing as well as they possibly can, and that goes for entry-level staffers, as well,” she says. “Show management what you’ve got and deliver value.”

While earning a master’s degree in cybersecurity can be one way to enter the field, there are other ways to get a head start in finding a job. Entry-level cybersecurity workers sometimes have challenges in finding work, but (ISC)² recently launched a program called Certified in Cybersecurity, which helps candidates learn the basics of cybersecurity, including security principles, business continuity (BC), disaster recovery (DR) and incident response concepts, access controls concepts, network security, and security operations. 

This new certification is free for the first 1 million people who sign up to complete the online course and certification. In the three months since its inception in spring 2022, the program registered more than 110,000 candidates.

“Entry and junior-level practitioners are equipped with the skill set to handle most cybersecurity tasks, freeing up senior staff’s time to focus on more advanced tasks, such as secure software development, endpoint security, data security and risk assessment,” Rosso adds. “If you perform well, the chances of finding yourself amid the growing wave of layoffs are very unlikely.”