Privacy budgets expected to decrease in 2024, new research shows
Ahead of Data Protection Day, a new study worryingly reveals that European organizations are probably going to decrease privacy funding in 2024. More pretty grim statistics are provided.
Two in every five (41%) privacy professionals in Europe state their budgets are underfunded and over half (56%) expect them to decrease this year. That’s according to new research from ISACA, the leading global professional association helping individuals and organizations in their pursuit of digital trust.
Decreases are expected despite the fact that over half (53%) of organizations reported that their technical privacy teams are understaffed. Two in five (41%) businesses also state that they have trouble retaining qualified privacy professionals.
“Reducing privacy budgets would be deemed normal if privacy operations were considered mature and mainstream. This however is not the case, and our research highlights that a combination of reduced investments with lack of skills in an increasingly sophisticated cyberthreat landscape is a recipe for disaster,” said Chris Dimitriadis, global chief strategy officer at ISACA.
“It is also proof that more holistic training at a board and privacy leader level needs to take place for both understanding and communicating the needs respectively.”
To be fair, to combat some of the challenges that they’re facing, organizations have been diligent about providing training to employees – 68% of privacy professionals say their company offers privacy training annually while 58% offer training when new hires are made.
71% of respondents indeed say privacy training and awareness programs have had a positive impact on wider employee privacy awareness.
However, there is still a long way to go for businesses, as only 10% of respondents feel completely confident in their organization’s privacy team’s ability to ensure data privacy and achieve compliance with new privacy laws and regulations.
A skills gap still prevails for core privacy staff, ISACA says in the report. Experience with different types of technologies or applications (65%), technical expertise (50%) and IT operations knowledge (42%) are the biggest skills gaps privacy professionals are facing within their teams.
Reassuringly, organizations are taking steps to reduce that skills gap, with 52% offering training to allow non-privacy staff to move into privacy roles, while 39% are increasing the usage of contractors or external consultants.
“Organizations clearly crave expertise when it comes to managing privacy compliance and issues. This starts with putting the right resources towards privacy training and prioritization. Only then can they protect their data, build trust with consumers, and preserve supplier relationships. Better privacy ultimately benefits us all,” said Safia Kazi, ISACA principal, privacy professional practices.