A newly published Eurobarometer survey highlights the growing shortage of cybersecurity skills across the European Union, calling for immediate action to boost the number of cybersecurity specialists and heighten cybersecurity awareness among staff in companies across the EU.
The survey aligns with recent findings from a foresight report by the EU Agency for Cybersecurity (ENISA), which highlighted the cyber skills gap as a significant factor contributing to increasing cyber threats. These threats pose major risks to the operation of network and information systems and the Single Market’s overall integrity.
Key findings from the Eurobarometer survey on Cyber skills
The Eurobarometer survey revealed several critical insights:
- Awareness and training deficiencies: Although 71% of companies recognise cybersecurity as a high priority, 74% have not conducted any training or awareness programs for their employees. A surprising 68% of companies believe no training is needed, with 16% unaware of training opportunities and 8% citing budget constraints.
- Hiring challenges: Over half of the companies searching for cybersecurity professionals face difficulties, primarily due to a lack of qualified candidates (45%), general candidate shortages (44%), lack of awareness (22%), and budget constraints (16%).
- Qualification and certification gaps: A significant 76% of employees in cybersecurity roles lack formal qualifications or certified training. Furthermore, 34% transitioned from non-cyber roles, and 57% took on cybersecurity responsibilities in addition to their existing duties.
- Diversity and Inclusion: While 70% of respondents acknowledge the importance of diversity and inclusion in cybersecurity, 53% of companies reported having no women in cybersecurity roles. Despite this, about two-thirds agree that women are encouraged to pursue cybersecurity positions.
Strengthening cybersecurity skills: the Commission’s response
In response to these challenges, the European Commission has intensified efforts to raise awareness and visibility of cybersecurity skills initiatives and increase the number of skilled professionals. One pivotal initiative is the Cybersecurity Skills Academy, launched last year to enhance collaboration between private and public sectors at both European and national levels.
On 22 May Commission Vice President Margaritis Schinas and Commissioner Thierry Breton met with industry leaders and organisations committed to providing free training through the Academy. The Academy aims to serve as a central hub for European-wide training opportunities, integrating efforts from various national and European initiatives and offering information on cybersecurity certifications.
In this context, the Cyber Skills Academy’s special section on stakeholder engagement calls on companies and organisations across Europe to make a pledge to address the cybersecurity skills gap and improve gender balance in the field.
Join the effort to close the cyber skills gap in Europe: submit your pledge and join the Cybersecurity Skills Academy!
Investments and future plans
The Commission has dedicated €10 million this year to support projects aimed at implementing cybersecurity training programs for SMEs, start-ups, and the public sector. Since 2021, approximately €600 million has been invested in cybersecurity skills projects and initiatives, with support from Member States and private-sector partners. New funding opportunities are expected to be announced in autumn 2024.
Moreover, the Women4Cyber Network has been included in the Academy’s platform to combat gender-based stereotypes in cybersecurity. This network, hosted here on the Digital Skills and Jobs Platform since March 2024, brings together skilled women in cybersecurity from diverse sectors and levels of expertise.
For more detailed information on the Eurobarometer survey, visit Eurobarometer Survey on Cyberskills.