The European Union is grappling with a concerning shortage of cybersecurity skills, as revealed by a recent Eurobarometer survey. This skills deficit poses a significant risk to the integrity of the Single Market and the functioning of information networks and systems. Both the Eurobarometer and a report from the EU Agency for Cybersecurity (ENISA) emphasize the urgent need to train more specialists and increase cybersecurity awareness among employees of companies across the EU.
Key findings from the Eurobarometer survey on cyber capabilities:
1. Awareness and training deficiencies: Although 71% of companies consider cybersecurity a high priority, an alarming 74% have not implemented any training or awareness programs for their employees. Surprisingly, 68% of companies believe that no training is needed, while 16% are unaware of available training opportunities, and 8% cite budget constraints as a barrier.
2. Hiring challenges: More than half of the companies seeking cybersecurity professionals struggle to fill vacancies. The main reasons include a lack of qualified candidates (45%), a general shortage of candidates (44%), lack of awareness (22%), and budget limitations (16%).
3. Skill and certification gaps: A significant 76% of employees in cybersecurity roles lack formal qualifications or certified training. Additionally, 34% come from unrelated roles, and 57% take on additional cybersecurity responsibilities alongside their current functions.
4. Diversity and inclusion: While 70% of respondents recognize the importance of diversity and inclusion in cybersecurity, 53% of companies do not have women in cybersecurity roles. Despite this, two-thirds of companies agree that women are encouraged to take up these positions.
The response from the European Commission:
To address these challenges, the European Commission has ramped up efforts to raise awareness about cybersecurity skills and train more professionals. One key initiative is the Cybersecurity Skills Academy, launched last year to enhance collaboration between the public and private sectors at the European and national levels.
On May 22, Commission Vice President Margaritis Schinas and Commissioner Thierry Breton met with industry leaders and organizations committed to providing free training through the Academy. This platform aims to centralize training opportunities at the European level, integrating national initiatives and providing information on cybersecurity certifications.
Investments and future plans:
The European Commission has allocated 10 million euros this year to support projects implementing cybersecurity training programs for SMEs, startups, and the public sector. Since 2021, approximately 600 million euros have been invested in cybersecurity projects, with support from Member States and private sector partners. New funding opportunities will be announced in the fall of 2024.
In summary, the EU is taking proactive steps to close the cybersecurity skills gap and promote a more inclusive and secure environment. However, it is clear that continuous and coordinated efforts are needed to overcome these challenges and better protect Europe’s digital infrastructure.