Código HTML do Conteúdo

Post: Two-Thirds of Organizations Have Unfilled Cybersecurity Positions

<div> <div> <div> <div data-edit-folder-name="text" data-index="0" data-layout-id="2" id="layout-252abb49-6cb2-43e5-8d5a-fbf8343ae423"> <p>Organizations continue to experience significant cybersecurity skills shortages, with 65% of firms reporting unfilled cyber positions, a new ISACA survey has found.</p> <p>Over a third (38%) of cybersecurity professionals surveyed revealed it takes three to six months to hire for entry-level roles and 39% said the same for non-entry-level positions.</p> <p>Additionally, half of organizations admitted that they struggle to retain cyber talent.</p> <p>In total, 55% of respondents believe their security teams are understaffed. This represents a <a href="https://www.infosecurity-magazine.com/news/isaca-european-security/" target="_blank">small drop from 2024</a>, when 61% said their team is understaffed.</p> <p>Over half (53%) of respondents believe their cybersecurity budget is underfunded, which is down from 59% in 2024. However, fewer expect their budget to increase compared to last year&rsquo;s <em><a href="https://www.isaca.org/resources/infographics/state-of-cybersecurity-2025-infographic" target="_blank">State of Cyber 2025</a></em>research (41% vs. 47%).</p> <p>Just 56% think that their board prioritizes cybersecurity.</p> <p>Chris Dimitriadis, chief global strategy officer at ISACA, commented: &ldquo;While organizations are starting to acknowledge the problem and take steps to address long-standing issues in budgets and staffing, the pace of change is still far too slow.&rdquo;</p> <p>He added: &ldquo;The reality is that cybercriminals are moving faster than most organizations can respond. Now is the time to invest in investing in a more holistically trained cybersecurity workforce, an investment towards customer trust and in gaining competitive advantages, not just a reactive move following an incident.&rdquo;</p> <h2><strong>University Graduates Unprepared for Cyber Roles</strong></h2> <p>Just 27% of respondents believe university graduates are well prepared for cybersecurity roles.</p> <p>The top knowledge gaps in new graduates included incident response (43%), data security (39%), threat detection and response (39%) and identity and access management (39%).</p> <p>Security professionals emphasized the need for more soft skills in their teams ahead of formal qualifications, with 59% reporting a gap in this area. The top three soft skills required were critical thinking (57%), communication (56%) and problem solving (47%).</p> <p>Adaptability was considered the top qualification factor for security roles (61%), followed by hands-on experience (60%).</p> <p>Overall, 46% of those surveyed said that more than half of their cyber team transitioned into the field from other roles.</p> <p>Dimitriadis said the findings demonstrate the need to keep widening the pathways into the cybersecurity sector.</p> <p>&ldquo;By valuing hands-on training, professional credentials and transferable skills, organizations can strengthen their teams and ease the pressure on overstretched professionals,&rdquo; he noted.</p> <h2><strong>Threat Landscape Increasing Pressure on Cyber Pros </strong></h2> <p>The ISACA research also highlighted growing pressures on cybersecurity professionals. Around two-thirds (66%) said their role is more stressful than five years ago.</p> <p>The biggest contributing factor is the complex threat landscape, cited by 63% of respondents.</p> <p>Over a third (35%) reported increased attacks in 2025, while 43% believe an attack on their organization is likely or very likely in the next year.</p> <p>Additionally, 39% believe that cybercrime is underreported, even when reporting is required by law.</p> <p>Just 41% said they are confident in their team&rsquo;s incident-response capabilities.</p> <p>The top attack vector cited by respondents was social engineering (44%). This was followed by <a href="https://www.infosecurity-magazine.com/news/automation-vulnerability/" target="_blank">exploited vulnerabilities</a> (37%) and malware (26%).</p> <p>ISACA&rsquo;s <em>State of Cybersecurity 2025-2026</em> report surveyed more than 3800 cybersecurity professionals globally.</p> </div> </div> </div></div>