Cybersecurity Strain: 59% of Teams Understaffed, Job Stress Rising

cybersecurity Europe cyber threats workforce challenges ISACA AI in cybersecurity job stress privacy professionals
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
September 29, 2025 5 min read

Europe Fails to Keep Pace with Rising Cyber Threats

Almost 40% of European IT and cybersecurity professionals report that their organizations are facing more cyberattacks compared to last year, according to new research from ISACA. The study reveals that confidence in readiness remains low, with only 38% feeling fully confident in their organization’s ability to detect and respond to attacks.

As cyber threats increase in scale and complexity, the stress on professionals is palpable, with 65% citing the complex threat landscape as a significant source of stress. Chris Dimitriadis, Chief Global Strategy Officer at ISACA, emphasized the need for a more holistically trained cybersecurity workforce to keep pace with the evolving threats.

Rising Stress Amid Budgets and Staffing

Despite slight increases in budgets and staffing, 58% of respondents report that their organization is still understaffed. The proportion of those indicating underfunding has decreased from 58% in 2024 to 54% in 2025, indicating some prioritization of cybersecurity. However, workplace pressures remain high, with 68% stating their jobs are more stressful than five years ago. Factors contributing to this stress include unrealistic workloads (54%), poor work-life balance (48%), and insufficient training (36%). Alarmingly, 22% of organizations have not taken any steps to address burnout.

Retention and Recruitment Challenges

Talent gaps are a critical issue, with 52% of organizations struggling to retain cybersecurity professionals. Nearly 19% of organizations report unfilled entry-level roles requiring no prior experience, which can take three to six months to fill. Rigid hiring practices contribute to these challenges. While 55% still consider a university degree important, professional credentials (84%) and hands-on training (73%) are valued more highly.

Dimitriadis stresses the importance of broadening recruitment pathways and continuous training to build resilience and reduce stress among cybersecurity professionals.

Cybersecurity and AI

Despite staffing shortages, cybersecurity teams are increasingly involved in AI governance and implementation. More than half (51%) have contributed to AI governance frameworks, up from 36% last year. AI is actively used in threat detection (29%), endpoint security (28%), and routine automation (27%). The urgency for stronger AI security regulations is emphasized as Europe advances the EU AI Act and NIS2.

New Research: 63 Percent of Privacy Professionals Find Their Jobs More Stressful Now Than Five Years Ago

According to ISACA’s 2025 State of Privacy report, 63% of privacy professionals find their roles more stressful than five years ago. The primary causes of this stress include rapid technology evolution (63%), compliance challenges (61%), and resource shortages (59%).

Image illustrating privacy professionals' stress

A Challenging Landscape

The survey highlights major obstacles for privacy programs, including a complex international legal landscape (38%), lack of competent resources (37%), and new technology management (36%). With 43% of respondents indicating underfunded privacy budgets, the hiring of expert-level privacy professionals remains a challenge, with 73% stating these roles are difficult to fill.

Bright Spots

Despite the challenges, 74% of privacy professionals report that their privacy strategies are aligned with organizational objectives. Furthermore, 82% of organizations utilize frameworks or laws to manage privacy.

Practicing privacy by design has been shown to set organizations apart, as 67% of respondents indicate they integrate privacy into their engineering processes, resulting in higher confidence in their privacy teams and better staffing outcomes.

AI’s Evolving Role

The use of AI for privacy-related tasks has increased from 8% last year to 11% this year, with 36% planning to incorporate AI in the next 12 months. Organizations viewing privacy as both an ethical and compliance responsibility tend to leverage AI more effectively.

New ISACA Research: 59 Percent of Cybersecurity Teams are Understaffed

According to ISACA’s 2023 report, 59% of cybersecurity teams are understaffed, with 62% of respondents indicating that organizations underreport cyberattacks. The report highlights skills gaps in areas like soft skills, cloud computing, and security controls.

Image illustrating cybersecurity staffing issues

Staffing and Skills

The report identifies a lack of retention for cybersecurity professionals, with 56% of leaders indicating difficulty in keeping qualified staff. The top five technical skills sought by employers include identity and access management (49%) and cloud computing (48%).

To address skill gaps, organizations are focusing on training non-security staff, increasing reliance on contract employees, and implementing reskilling programs.

Cybersecurity Threats

The report indicates that nearly 48% of organizations are experiencing an increase in cyberattacks. The top three concerns remain enterprise reputation (79%), data breaches (69%), and supply chain disruptions (55%).

Looking Ahead

Seventy-eight percent of respondents expect demand for technical cybersecurity roles to rise in the coming year. As the talent gap in cybersecurity continues to widen, investment in workforce development is critical.

Employers should consider the occupational stress faced by cybersecurity professionals and explore ways to support staff to prevent burnout.

ISACA Research Reveals Cyber Professionals are Feeling the Strain

According to ISACA's newly released 2024 State of Cybersecurity Survey, 64% of cybersecurity professionals in Australia report increased job stress. The survey indicates that the Australian cybersecurity workforce is experiencing stress at slightly higher rates than their global counterparts.

Image illustrating job stress in cybersecurity

Status of Cybersecurity Attacks

In Australia, 29% of organizations are experiencing increased cybersecurity attacks, with social engineering being a primary threat. More than half of respondents expect a cyberattack in the coming year, yet only 32% have confidence in their team’s ability to respond.

Resource Challenges

The survey indicates that 47% of respondents feel their cybersecurity budgets are underfunded, with 51% stating their teams are understaffed.

Skills and Retention Trends

Employers prioritize hands-on experience and credentials when hiring. The main skills gaps in the cybersecurity workforce include soft skills and cloud computing expertise. Addressing these challenges is critical to retaining qualified cybersecurity professionals and ensuring effective incident response.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions..

Related Articles

data breach

Massive Leak Exposes 273,000 Indian Bank Transfer Records Online

A significant data breach has exposed 273,000 bank records. Discover the implications for cybersecurity and what actions to take. Stay informed!

By Edward Zhou September 29, 2025 3 min read
Read full article
cybersecurity

First Health Advisory: AHA's Preferred Cybersecurity Provider

Discover how First Health Advisory's designation by the AHA strengthens healthcare cybersecurity. Learn more about their CORE Program today!

By Edward Zhou September 29, 2025 3 min read
Read full article
forensic science

How to Become a Forensic Scientist: Education, Skills, and Steps

Discover the fascinating world of forensic science careers, responsibilities, and specializations. Learn how to start your journey today!

By Edward Zhou September 29, 2025 3 min read
Read full article
cybersecurity

Inside the Life of a Threat Hunter: Uncovering Cybersecurity Insights

Discover the challenges and skills of cybersecurity experts like Alex Johnson and Connor Morley in the fight against cybercrime. Learn more now!

By Edward Zhou September 29, 2025 4 min read
Read full article