New ISACA Study Reveals Rising Job Stress in Cybersecurity Teams
New ISACA Study: Cybersecurity Workforce Challenges
ISACA’s State of Cybersecurity 2025 survey report reveals that 70 percent of security professionals expect the demand for technical cybersecurity professionals to rise in the next year. Despite this, 55 percent of cybersecurity teams are understaffed, and 65 percent have unfilled cybersecurity positions. Only 29 percent of enterprises are providing training for non-security staff to transition into security roles, a decrease from 41 percent last year. This is concerning as 46 percent of respondents noted that many staff had previously transitioned from other fields. For more details, visit ISACA.
Staffing and Resource Challenges
The survey indicates a high demand for technical cybersecurity professionals, but hiring and retention challenges remain significant. 38 percent report it takes three to six months to fill entry-level roles, and 39 percent report similar delays for non-entry-level roles. Additionally, half of the organizations struggle to retain cyber talent. The financial outlook is mixed, with 53 percent indicating budgets are underfunded, but only 41 percent expect budget increases. For insights on improving hiring practices, refer to ISACA Cybersecurity Resources.
Skills Gap and AI Involvement
In the evolving cybersecurity landscape, adaptability (61 percent) and prior cybersecurity experience (60 percent) are the top qualifications sought. Notably, 59 percent of respondents identified soft skills as a significant skills gap, with critical thinking (57 percent), communication (56 percent), and problem-solving (47 percent) being the most crucial. As cybersecurity teams increasingly adopt AI, 47 percent have contributed to AI governance, and 40 percent have been involved in its implementation, primarily in areas like threat detection and routine task automation. More on AI's role in cybersecurity can be found at TechRepublic.
Complex Threat Landscape and Job Stress
The report highlights a complex threat landscape, primarily characterized by social engineering attacks (44 percent), followed by exploited vulnerabilities (37 percent) and malware (26 percent). Despite this awareness, only 41 percent are confident in their incident response capabilities. Stress levels are on the rise, with 66 percent of cybersecurity professionals expressing that their roles are more stressful than five years ago, largely due to the complex threat environment. For a deeper understanding of workplace stress factors, check out ISACA's findings.
Cybersecurity in Europe
Budget and Staffing Issues
Despite some improvements, 58 percent of organizations still report being understaffed, and 54 percent say their cybersecurity budgets are underfunded. The slow progress in staffing and funding fails to align with the escalating cyber risks. 68 percent of professionals feel their jobs are more stressful than five years ago, with many citing unrealistic workloads and insufficient training as contributing factors. For more insights into the stress and hiring challenges in cybersecurity, read the full report on ISACA's website.
Retention and AI Integration
The retention of cybersecurity professionals remains a challenge, with 52 percent of organizations struggling to keep qualified staff. The integration of AI into cybersecurity is accelerating, with 51 percent of teams contributing to AI governance. AI is being utilized for threat detection (29 percent) and endpoint security (28 percent). As legislative measures like the EU AI Act advance, the urgency for stronger AI security regulation and continuous training is evident. Explore more about AI's implications in cybersecurity at ISACA and TechRepublic.
