A new report by ISACA reveals that cybersecurity teams across Europe are under immense pressure. Over half of European cybersecurity professionals (52%) believe their organisation’s cybersecurity budget is insufficient, while 61% say their teams are understaffed.
The strain on cybersecurity teams is taking a toll on their well-being. 68% report that their role is more stressful now than it was five years ago, primarily due to the increasingly complex threat landscape. In fact, 41% of respondents say they have experienced more cyberattacks in the past year, and 58% believe their organisation will likely face an attack within the next 12 months.
To mitigate the risks posed by these growing threats, organisations must invest in their cybersecurity teams. This includes hiring qualified professionals, providing adequate training, and allocating sufficient resources to ensure that teams are equipped to respond effectively to cyberattacks.
Chris Dimitriadis, Chief Global Strategy Officer at ISACA, said: “In an increasingly complex threat landscape, it is vital that, as an industry, we overcome these hurdles of underfunding and under-staffed teams. Without strong, skilled teams, the security resilience of whole ecosystems is at risk – leaving critical infrastructure vulnerable.”
Despite the need for skilled teams to protect businesses, 19% say that their organisation has unfilled and open entry-level positions available, and 48% have unfilled open positions which require experience, a university degree, or other credentials. These figures have dropped only a few percentage points (from 22% and 53%) since 2023, pointing to an ongoing struggle to fill open positions.
Over half of respondents say that soft skills are lacking the most amongst today’s cybersecurity professionals. Of the soft skills in question, 54% feel that communication skills (e.g. speaking and listening skills) are most important, followed by problem-solving (53%) and critical thinking (48%).
Dimitriadis added: “The cybersecurity industry will massively benefit from a diverse range of people – each with different skills, experiences, and perspectives. This is the key to plugging the skills gap. Once talent enters the industry, businesses can then train and upskill new entrants on the job with cyber certifications and qualifications.”
Mike Mellor, Vice President, Security Engineering at Adobe, who sponsored the research, said: “With the increasing frequency and sophistication of cyberattacks, it’s essential for organisations to adopt secure authentication methods to strengthen their defences. Adobe believes that fostering a deep security culture among all employees through anti-phishing training, combined with stronger controls such as zero-trust networks protected by phishing-resistant authentication are essential in safeguarding any organisation.”