Privacy budgets expected to decrease in 2024

Two in every five (41%) privacy professionals in Europe state their budgets are underfunded and over half (56%) expect them to decrease this year. That’s according to new research from ISACA, the leading global professional association helping individuals and organisations in their pursuit of digital trust.

  • 9 months ago Posted in

Anticipated drops in privacy budgets come despite half (53%) of organisations reporting that their technical privacy teams are understaffed. Two in five (41%) businesses also state that they have trouble retaining qualified privacy professionals.

“Reducing privacy budgets would be deemed normal if privacy operations were considered mature and mainstream. This however is not the case, and our research highlights that a combination of reduced investments with lack of skills in an increasingly sophisticated cyberthreat landscape is a recipe for disaster. It is also proof that more holistic training at a board and privacy leader level needs to take place for both understanding and communicating the needs respectively.” says Chris Dimitriadis, Global Chief Strategy Officer at ISACA.

To combat some of the challenges they’re facing, organisations have been diligent about providing training to employees – 68% of privacy professionals say their company offers privacy training annually while 58% offer training when new hires are made. 71% of respondents say privacy training and awareness programs have had a positive impact on wider employee privacy awareness.

However, there is still a long way to go for businesses, as only 10% of respondents feel completely confident in their organisation's privacy team's ability to ensure data privacy and achieve compliance with new privacy laws and regulations.

It’s clear that a skills gap still prevails for core privacy staff. Experience with different types of technologies or applications (65%), technical expertise (50%) and IT operations knowledge (42%) are the biggest skills gaps privacy professionals are facing within their teams.

Reassuringly, organisations are taking steps to reduce that skills gap, with 52% offering training to allow non-privacy staff to move into privacy roles, while 39% are increasing the usage of contractors or external consultants.

“Organisations clearly crave expertise when it comes to managing privacy compliance and issues. This starts with putting the right resources towards privacy training and prioritisation. Only then can they protect their data, build trust with consumers, and preserve supplier relationships. Better privacy ultimately benefits us all,” adds Safia Kazi, ISACA principal, privacy professional practices.

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...