In an increasingly complex digital landscape, cyberattacks cost businesses billions of dollars annually. European cybersecurity professionals are facing unprecedented challenges, struggling to keep pace with the volume and sophistication of these attacks.
Understaffed and Underfunded
- The ISACA study, which surveyed nearly 2,000 members, paints a stark picture of the current state of cyber security teams:61% of respondents believe their teams are understaffed
- 52% feel their teams are underfunded despite predicted increases in spending
These resource constraints leave security professionals unable to effectively combat the ever-evolving threat landscape, potentially putting the organizations they protect at risk.
Rising Stress Levels
- The pressure on cyber security teams is taking a toll on their well-being:68% of professionals report that their work is more stressful now than it was in 2019
- 79% attribute this increased stress to the complexity of the current threat landscape
The ongoing challenges show no signs of abating, with 58% of respondents expecting to face a cyberattack within the next 12 months – a 6% increase from the previous year
The Skills Gap Persists
- Despite the high demand for cyber security expertise, there remains a significant skills shortage in the industry: 19% of organizations have unfilled entry-level positions
- 48% have open positions requiring experience, degrees, or specific cyber-related credentials
While these figures show a slight improvement from 2023, the struggle to attract qualified candidates continues
Soft Skills in High Demand
- Interestingly, the study highlights that technical prowess alone is no longer sufficient in the cyber security field: 52% of respondents identified soft skills as the most lacking among cyber professionals
- Communication skills topped the list of in-demand soft skills, followed by problem-solving and critical thinking
These non-technical abilities are becoming increasingly crucial as security practitioners are called upon to interact with board leadership, manage crises, and guide employees through security training.
Failing to address the challenges faced by cybersecurity teams can have devastating consequences. Data breaches, reputational damage, and significant financial losses are all potential outcomes. By implementing the strategies mentioned above, organizations can create a more secure environment for their data and employees.
Looking Ahead
To address these challenges, industry experts emphasize the need for diversity in the cybersecurity workforce. Chris Dimitriadis, ISACA’s chief global strategy officer, suggests that “a diverse range of people – each with different skills, experiences, and perspectives” is key to bridging the skills gap
Additionally, organizations are advised to foster a strong security culture among all employees. This includes implementing anti-phishing training and adopting stronger controls, such as zero-trust networks protected by phishing-resistant authentication.
As the cyber threat landscape continues to evolve, it’s clear that the industry must adapt. By addressing staffing and funding issues, nurturing both technical and soft skills, and embracing diversity, cybersecurity teams can better position themselves to face the challenges that lie ahead.
A Closer Look at the Numbers
While both the ComputerWeekly article and the ISACA press release report on the same study, there are some slight variations in the percentages presented:
Understaffed Teams
- ComputerWeekly: 61% of cybersecurity teams feel understaffed
- ISACA: 62% of teams report being understaffed
Increased Stress Levels
- ComputerWeekly: 68% of professionals feel more stressed now than in 2019
- ISACA: 65% report higher stress levels compared to 2019
These minor discrepancies likely stem from rounding differences or slight variations in how the data was interpreted. Despite these small differences, both sources paint a consistent picture of the challenges facing cybersecurity professionals today.
References:
https://www.computerweekly.com/news/366612212/Cyber-teams-say-they-cant-keep-up-with-attack-volumes