A recent study conducted by ISACA revealed that many privacy professionals in Europe are feeling the strain of underfunded budgets and a lack of adequate staffing. The research found that 41% of privacy professionals believe their budgets are not sufficient, and over half (56%) expect their budgets to decrease in the upcoming year.
Despite the high demand for technical privacy expertise, the study also revealed that 53% of organizations report that their technical privacy teams are understaffed. In addition, 41% of businesses are struggling to retain qualified privacy professionals, pointing to a broader issue within the industry.
Chris Dimitriadis, Global Chief Strategy Officer at ISACA, expressed concern over the potential decrease in privacy budgets. He mentioned that in an increasingly sophisticated cyberthreat landscape, reduced investments and a lack of skills could lead to disastrous consequences. Dimitriadis emphasized the need for holistic training at both the board and privacy leader level to address the current challenges.
To confront the challenges they are facing, organizations have made efforts to provide training to their employees. According to the study, 68% of privacy professionals stated that their companies offer privacy training annually, and 58% provide training when new hires are onboarded. Furthermore, 71% of respondents acknowledged that privacy training and awareness programs have had a positive impact on wider employee privacy awareness.
Nonetheless, the research also highlighted a significant skills gap within core privacy staff. The study found that the biggest skills gaps for privacy professionals were experience with different types of technologies or applications (65%), technical expertise (50%), and IT operations knowledge (42%).
Despite these challenges, businesses are making efforts to reduce the skills gap. The study revealed that 52% of organizations are offering training to allow non-privacy staff to transition into privacy roles, while 39% are increasing the usage of contractors or external consultants to address the shortage of skilled professionals.
Safia Kazi, ISACA principal of privacy professional practices, emphasized the importance of investing in privacy training and prioritization to manage privacy compliance and issues effectively. Kazi stressed that allocating the right resources towards privacy training is crucial for protecting data, building trust with consumers, and preserving supplier relationships.
In conclusion, the research conducted by ISACA highlights the pressing need for adequate funding and skilled professionals within the privacy sector. With the increasing complexity of privacy challenges, organizations must prioritize comprehensive training and invest in the development of privacy professionals to navigate the evolving landscape effectively.