Cybersecurity teams are under strain, as 61% of European cybersecurity professionals say that their organisation’s cybersecurity team is understaffed, and over half (52%) believe that their organisation’s cybersecurity budget is underfunded. That’s according to new research from ISACA, the leading global professional association helping individuals and organisations in their pursuit of digital trust.
Also Read: Survey: Cybersecurity Pros See AI As A Double-Edged Sword
Cybersecurity teams can’t keep up with growing levels of cyberattacks, new #ISACA research reveals.
Staff and funding struggles are having an impact on wellbeing as 68% feel that their role is more stressful now compared to five years ago, with 79% putting this down to the increasingly complex threat landscape.
Two in five (41%) of respondents say they are experiencing more cyberattacks when compared to a year ago, and 29% think they are experiencing the same amount.
But respondents don’t feel the number of attacks will be slowing down any time soon. Over half (58%) state it is likely their organisation will experience a cyberattack in the next year. This has increased by 6 percentage points (52%) compared to 2023 so there needs to be more investment in the right staff and skills to prepare and respond to these attacks to limit long term damage.
Chris Dimitriadis, Chief Global Strategy Officer at ISACA, said: “In an increasingly complex threat landscape, it is vital that, as an industry, we overcome these hurdles of underfunding and under-staffed teams. Without strong, skilled teams, the security resilience of whole ecosystems is at risk – leaving critical infrastructure vulnerable.”
Despite the need for skilled teams to protect businesses, 19% say that their organisation has unfilled and open entry-level positions available, and 48% have unfilled open positions which require experience, a university degree, or other credentials. These figures have dropped only a few percentage points (from 22% and 53%) since 2023, pointing to an ongoing struggle to fill open positions.
52% of respondents say that soft skills are lacking the most amongst today’s cybersecurity professionals. Of the soft skills in question, 54% feel that communication skills (e.g. speaking and listening skills) are most important, followed by problem-solving (53%) and critical thinking (48%).
Also Read: Bots and Deepfakes: How Do We Navigate the New Era of Digital Identity?
Dimitriadis added: “The cybersecurity industry will massively benefit from a diverse range of people – each with different skills, experiences, and perspectives. This is the key to plugging the skills gap. Once talent enters the industry, businesses can then train and upskill new entrants on the job with cyber certifications and qualifications.”
Mike Mellor, Vice President, Security Engineering at Adobe, who sponsored the research, said: “With the increasing frequency and sophistication of cyberattacks, it’s essential for organisations to adopt secure authentication methods to strengthen their defences. Adobe believes that fostering a deep security culture among all employees through anti-phishing training, combined with stronger controls such as zero-trust networks protected by phishing-resistant authentication are essential in safeguarding any organisation.”
Notes to Editors
On May 3, 2024, an online survey was sent to approximately 39,000 ISACA members and non-members, globally, holding a CISM certification OR having “security” in their job title, asking their opinions on the state of cybersecurity within their organization. As this respondent pool is comprised entirely of ISACA members or ISACA certification holders, within limited geographies and industries, it should not be interpreted to represent the entire IT Security population. 1,868 respondents completed the entire survey, with a margin of error of +/- 2 points at the 95% confidence level. Note that response rates vary by question.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
