Most European organizations are taking dangerous risks when it comes to security, largely due to a chronic shortage of relevant cyber skills.
According to new research from Insight Enterprises, the skills crisis is forcing 64% of organizations across EMEA to take risky shortcuts and implement temporary fixes to meet security demands.
"Legacy approaches to cybersecurity are being stretched beyond their limits,” researchers said.
“Teams working in silos, with fragmented tools and limited support, are being asked to manage rapidly expanding attack surfaces, secure hybrid infrastructures, and keep pace with the accelerating adoption of AI technologies — all while navigating increasing regulatory demands and growing pressure on budgets.”
The result, researchers said, is a “mounting disconnect” between what enterprises need from cybersecurity, and what current models can deliver.
A concerning portion of businesses employ workarounds or short-term fixes, but researchers warned they come at a huge cost.
“Organizations that can’t keep up with security demands risk not just higher exposure to breaches, but slower innovation, reduced resilience, and missed growth opportunities,” the study noted.
Cyber skills shortages are hurting UK businesses
In the UK, the skills crisis is particularly acute, with researchers finding 67% of enterprises reported a significant talent shortage. More than half (56%) described their talent shortage as ‘severe’ or ‘significant’.
Notably, the biggest problem is at the senior level, with 50% citing gaps in strategic skills such as governance, planning, and risk assessment.
As a result, only 24% of IT decision-makers across EMEA say they have sufficient in-house cyber skills to keep pace with evolving threats. This is has led 57% to delay key initiatives, with the same number struggling to meet compliance requirements.
Cyber skills go beyond technical know-how
Crucially, the study from Insight noted the cyber skills gap isn't just confined to technical roles. Indeed, this issue spans operations, leadership, and compliance functions, undermining both day-to-day resilience and long-term strategic planning.
The biggest barrier to filling the skills gap is the high cost of hiring and training, an issue cited by 68% of respondents, followed by a lack of qualified candidates in the market, at 65%.
Researchers said that while complete replacement of human workers is unrealistic, cultivating leaders who can orchestrate better human-machine collaboration could be a workaround.
The ability for leaders to translate technical risk into business impact and embed security within day-to-day business processes is crucial.
“The organizations that will lead in the next era are those that align strategic talent with intelligent technology and trusted partnerships,” said Adrian Gregory, EMEA president at Insight. "It’s this blend that builds the resilience required to grow, adapt, and stay ahead.”
There is hope for the future, the study noted. Most leaders are confident that AI can revolutionize organizational workflows and 60% expect the cybersecurity skills gap to improve over the next year - although a quarter expect it to get worse.
Meanwhile, training and retention schemes for promising junior staff will be an important strategy for creating a skilled pipeline for mid- and senior-level roles.
“The skills crisis may have started this conversation, but the strategy crisis is what will define its outcome," said Rob O’Connor, Insight's chief information security officer for EMEA.
"Organizations that treat cybersecurity as a strategic business discipline — not a bolt-on IT function — will be the ones who thrive.”
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- How to choose the best cybersecurity vendor for your business
- Best online cybersecurity courses
- Cybersecurity certification vs degree: Which is best for your career?
-
Seagate and Acronis are teaming up to drive MSP storage capabilitiesNews Acronis will incorporate Seagate’s Lyve Cloud Object Storage into its archival storage offerings to help MSPs meet AI-driven data demands
-
Fiverr’s CEO told staff to upskill in AI – then cut 30% of the workforce to become an ‘AI-first’ companyNews The warning earlier this year didn't help a third of the company's workforce
-
Pentesters are now a CISOs best friend as critical vulnerabilities skyrocketNews Attack surfaces are expanding rapidly, but pentesters are here to save the day
-
Hackers are disguising malware as ChatGPT, Microsoft Office, and Google Drive to dupe workersNews Beware of downloading applications like ChatGPT, Microsoft Office applications, and Google Drive through search engines
-
Generative AI attacks are accelerating at an alarming rateNews Two new reports from Gartner highlight the new AI-related pressures companies face, and the tools they are using to counter them
-
A terrifying Microsoft flaw could’ve allowed hackers to compromise ‘every Entra ID tenant in the world’News The Entra ID vulnerability could have allowed full access to virtually all Azure customer accounts
-
‘Channel their curiosity into something meaningful’: Cyber expert warns an uptick of youth hackers should be a ‘wake-up call’ after teens charged over TfL attackNews Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities
-
Microsoft and Cloudflare just took down a major phishing operationNews RaccoonO365’s phishing as a service platform has risen to prominence via Telegram
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
BreachForums founder resentenced to three years in prisonNews A US appeals court vacated his previous sentence and remanded the case for resentencing
