94% of Businesses Acknowledge a Privacy Skills Gap

  • 59% of technical privacy teams are understaffed
  • 1 in 5 say it takes more than 6 months to fill a technical privacy position in their business
  • ISACA is calling on businesses to overhaul their approach to addressing the privacy skills gap to look beyond experience and instead focus on training and upskilling

ISACA surveyed more than 1,800 professionals worldwide—including 375 in Europe—who work in data privacy or have detailed knowledge of the data privacy function within their organisations to demonstrate current perspectives on privacy staffing, organisation structure, frameworks and policies, budgets, training, and data breaches. Learn more about the key findings and the business benefits of privacy by design at www.isaca.org/privacy-month-2023. (Graphic: ISACA)

LONDON--()--Privacy is a critical component of digital trust – it contributes to a more positive reputation and fewer cybersecurity incidents for the companies that prioritise it. Global digital trust association, ISACA, believes that businesses are aware of its significance; according to its 2023 “Privacy in Practice” report published today, 87% of organisations in Europe offer privacy awareness training to employees. But they’re missing the mark as most (94%) companies recognise a privacy skills gap within their business.

ISACA’s “Privacy in Practice” report explores the state of enterprise privacy by examining trends around privacy teams, privacy-related challenges, privacy by design and the future of privacy.

The report reveals that as it stands, more than half (59%) of technical privacy teams in Europe are understaffed. Building these departments is a challenge, with 1 in 5 businesses saying it takes them more than six months to fill a technical privacy position and 41% saying their privacy budgets are underfunded.

The most reported privacy failures include a lack of training or poor training (49%); data breaches (38%); and not practicing privacy by design (39%). With just 38% of business leaders confident in their organisation’s ability to ensure the privacy of its sensitive data, businesses need to change their approach to closing the privacy skills gap or risk jeopardising their relationships with customers and damaging the reputation of the business.

Chris Dimitriadis, Global Chief Strategy Officer, ISACA says: “Privacy professionals play a key role in establishing digital trust. As technology advances, introducing new complexities and threats and as the cyberthreat landscape increases in size and sophistication, demand for these individuals is only going to grow. Heightened privacy skills demand is good news for candidates with privacy technology knowledge but also bad news for businesses that are struggling to close the privacy skills gap. As our new research highlights, businesses need to consider changing their training programmes and adopt privacy by design to limit the number of privacy breaches, build digital trust, and set the business up for long term success.”

Tony Hughes, ISACA Emerging Trends Working Group Member, adds: “Only searching for candidates with specific experience and technical privacy skills is an outdated mindset – it immediately limits businesses to a small pool of people. Instead, organisations need to lean on reskilling people in non-privacy roles, using contract employees and focusing on individuals with the right soft skills to reduce the privacy skills gap.”

Notes to Editors

All figures are based on fieldwork conducted by ISACA. Fieldwork was undertaken in Q4 2022, amongst 1890 global privacy professionals, including 375 in Europe.

ISACA’s Privacy in Practice report is now available to download here.

About ISACA

For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organisations, and build a more trusted and ethical digital world. ISACA leverages the expertise of its more than 165,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality, with a presence in 188 countries, including 225 chapters worldwide. Through its foundation One In Tech, ISACA supports IT education and career pathways for under resourced and underrepresented populations.

Contacts

olivia.parkinson@firstlightgroup.io, 07526565507

#Hashtags

Contacts

olivia.parkinson@firstlightgroup.io, 07526565507