New ISACA Study Reveals Rising Job Stress in Cybersecurity Teams

cybersecurity workforce ISACA study 2025 staffing challenges AI in cybersecurity cybersecurity skills gap
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
September 29, 2025 3 min read

New ISACA Study: Cybersecurity Workforce Challenges

ISACA’s State of Cybersecurity 2025 survey report reveals that 70 percent of security professionals expect the demand for technical cybersecurity professionals to rise in the next year. Despite this, 55 percent of cybersecurity teams are understaffed, and 65 percent have unfilled cybersecurity positions. Only 29 percent of enterprises are providing training for non-security staff to transition into security roles, a decrease from 41 percent last year. This is concerning as 46 percent of respondents noted that many staff had previously transitioned from other fields. For more details, visit ISACA.

Staffing and Resource Challenges

The survey indicates a high demand for technical cybersecurity professionals, but hiring and retention challenges remain significant. 38 percent report it takes three to six months to fill entry-level roles, and 39 percent report similar delays for non-entry-level roles. Additionally, half of the organizations struggle to retain cyber talent. The financial outlook is mixed, with 53 percent indicating budgets are underfunded, but only 41 percent expect budget increases. For insights on improving hiring practices, refer to ISACA Cybersecurity Resources.

Skills Gap and AI Involvement

In the evolving cybersecurity landscape, adaptability (61 percent) and prior cybersecurity experience (60 percent) are the top qualifications sought. Notably, 59 percent of respondents identified soft skills as a significant skills gap, with critical thinking (57 percent), communication (56 percent), and problem-solving (47 percent) being the most crucial. As cybersecurity teams increasingly adopt AI, 47 percent have contributed to AI governance, and 40 percent have been involved in its implementation, primarily in areas like threat detection and routine task automation. More on AI's role in cybersecurity can be found at TechRepublic.

Complex Threat Landscape and Job Stress

The report highlights a complex threat landscape, primarily characterized by social engineering attacks (44 percent), followed by exploited vulnerabilities (37 percent) and malware (26 percent). Despite this awareness, only 41 percent are confident in their incident response capabilities. Stress levels are on the rise, with 66 percent of cybersecurity professionals expressing that their roles are more stressful than five years ago, largely due to the complex threat environment. For a deeper understanding of workplace stress factors, check out ISACA's findings.

Cybersecurity in Europe

Nearly Two-thirds of Cybersecurity Pros Say Job Stress Is Growing, According to New ISACA Research
In Europe, nearly 39 percent of IT and cybersecurity professionals report an increase in cyberattacks compared to the previous year. However, confidence in readiness remains low, with only 38 percent feeling fully confident in their organizations' detection and response capabilities. This situation is compounded by 65 percent citing the complex threat landscape as a significant stressor. For further details on the European cybersecurity outlook, consult the Datamation article.

Budget and Staffing Issues

Despite some improvements, 58 percent of organizations still report being understaffed, and 54 percent say their cybersecurity budgets are underfunded. The slow progress in staffing and funding fails to align with the escalating cyber risks. 68 percent of professionals feel their jobs are more stressful than five years ago, with many citing unrealistic workloads and insufficient training as contributing factors. For more insights into the stress and hiring challenges in cybersecurity, read the full report on ISACA's website.

Retention and AI Integration

The retention of cybersecurity professionals remains a challenge, with 52 percent of organizations struggling to keep qualified staff. The integration of AI into cybersecurity is accelerating, with 51 percent of teams contributing to AI governance. AI is being utilized for threat detection (29 percent) and endpoint security (28 percent). As legislative measures like the EU AI Act advance, the urgency for stronger AI security regulation and continuous training is evident. Explore more about AI's implications in cybersecurity at ISACA and TechRepublic.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions..

Related Articles

data breach

Massive Leak Exposes 273,000 Indian Bank Transfer Records Online

A significant data breach has exposed 273,000 bank records. Discover the implications for cybersecurity and what actions to take. Stay informed!

By Edward Zhou September 29, 2025 3 min read
Read full article
cybersecurity

First Health Advisory: AHA's Preferred Cybersecurity Provider

Discover how First Health Advisory's designation by the AHA strengthens healthcare cybersecurity. Learn more about their CORE Program today!

By Edward Zhou September 29, 2025 3 min read
Read full article
forensic science

How to Become a Forensic Scientist: Education, Skills, and Steps

Discover the fascinating world of forensic science careers, responsibilities, and specializations. Learn how to start your journey today!

By Edward Zhou September 29, 2025 3 min read
Read full article
cybersecurity

Inside the Life of a Threat Hunter: Uncovering Cybersecurity Insights

Discover the challenges and skills of cybersecurity experts like Alex Johnson and Connor Morley in the fight against cybercrime. Learn more now!

By Edward Zhou September 29, 2025 4 min read
Read full article