We continue with MSIA graduate Timothy Dzierzek's case study analysis of burnout and turnover in help-desk and incident-response teams. This second part of three discusses the problems of turnover at "Smith & Smith" (a pseudonym).

* * *

Staff turnover represents a serious concern for managers of CSIRTs. According to the Handbook for Computer Security Incident Response Teams (CSIRTs), experienced managers of CSIRTs believe that “having invested in the time and resources to identify, hire, and train staff, it is most important to try to retain them.” CSIRT members that leave an organization take institutional knowledge with them and cause the organization to invest additional time and resources to train new members. This situation could result in the CSIRT’s inability to respond to computer security incidents.

CSIRTs face staff turnover for two main reasons. Some technicians get burned out by the stress or rigor of the job. As the handbook says, “[s]taff can become bored with routine incidents, are physically tired, lack attention to detail, and make costly mistakes.” The organization may terminate their employment as the result of poor performance. Other technicians may quit to pursue better pay or better opportunities at other organizations. The handbook says, “The pull of large salaries will inevitably be enough to immediately draw certain people.” Organizations must address these critical causes of staff turnover.

Two years ago, Smith & Smith was ineffective in its steps to prevent the turnover of help-desk technicians resulting from burnout. One technician, who had been with the firm for three years, was fired because his performance dropped below acceptable levels. He was not responding to trouble calls in a timely manner and was having conflicts with users. My discussions with the technician revealed that he was burned out from the intense demands of his job. His manager counseled him about his performance but did nothing to address the burnout issue.

During the same period, Smith & Smith failed to prevent help-desk technicians from leaving to pursue better opportunities. For example, a technician who had been with the firm for two years and who was one of the best on the help desk resigned to take a position with an information technology auditing company. He had shown great initiative, technical skill, and attention to detail, but conversations with him revealed that the organization had failed to challenge him mentally and therefore he left for a better opportunity.

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.