The cybersecurity boom hiding a growing privacy skills shortage
Date:
Tue, 07 Apr 2026 09:31:26 +0000
Description:
The UK's cybersecurity workforce has nearly tripled, but headcount growth is masking a deeper crisis - privacy teams remain critically understaffed, underfunded, and underpowered just as threats intensify.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter High-profile breaches have forced privacy firmly onto the boardroom agenda. According to recent research from Nardello, more than four in ten business leaders are concerned about the reputational impact of a cyber incident.
Their concern is justified. Public scrutiny of cybersecurity capability is intensifying, yet operational resilience is not keeping pace. Article continues below You may like Britain's compliance blind spot Why modern cyber conflict is partly a global skills challenge The human cost of cybersecurity and what we should do about it Chris Dimitriadis Social Links Navigation
Chief Global Strategy Officer of ISACA. Socuras analysis of the Office for National Statistics Annual Population Survey shows there are now 83,700 cybersecurity professionals in the UK, up from 28,500 in 2021. That 194% increase suggests rapid progress, but headcount growth alone does not guarantee preparedness.
In fact, a report from the Department for Science, Innovation & Technology shows that in 2025, nearly half (49%) of businesses in the UK labor market
had a basic skills gap.
If the right skills are not being developed at the same rate as emerging threats, or if critical functions such as privacy remain under resourced within organizations, workforce expansion risks masking deeper structural gaps. Failure to invest is failure to protect Cyberattacks affecting the Foreign Office, Asahi, the NHS and Jaguar Land Rover over the last 12 months have exposed vulnerabilities across both public and private sectors. Are you
a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Crucially, they show that gaps in cybersecurity and privacy capability are
not limited to smaller or resource-constrained organizations; even well-established institutions are struggling to keep pace.
The strain on privacy teams is significant. More than a quarter (26%) of privacy professionals say their board is failing to adequately prioritize privacy, despite escalating threats. Nearly four in ten (39%) legal privacy teams and over half (51%) of technical privacy teams report being understaffed.
At the same time, more than half (54%) expect budgets to decrease further in 2026. More broadly, ISACAs 2025 survey of business and IT professionals in Europe found that over half (58%) report that their organization remains understaffed. What to read next The human paradox at the center of modern cyber resilience Privacys about to become boring, and thats a good thing (for those that take note) When confidence becomes a risk: The gap between cyber resilience readiness and reality
This creates a dangerous paradox. Teams are asked to defend against an expanding threat landscape with shrinking resources. Unsurprisingly, more
than a quarter (26%) of privacy professionals believe their organization is likely to experience a material privacy breach within the next year.
The consequences extend beyond data loss . Chronic understaffing and budget constraints increase burnout, undermine retention and weaken long-term resilience.
Two thirds (67%) of privacy professionals say their role is more stressful
now than it was five years ago, while 34% of organizations struggle to retain qualified privacy professionals. From privacy compliance to capability Whats required now is a shift from reactive compliance to proactive integration. Privacy by design must be embedded across organizations, ensuring data protection is considered from the outset of every project, system and decision. A culture of minimal compliance is no longer tenable.
Many organizations are struggling to keep pace with evolving regulation. Over a fifth (22%) of privacy professionals in Europe say their organization finds it difficult to identify and understand its privacy obligations, while more than half (51%) cite the complexity of international laws as a key barrier.
This uncertainty, combined with underfunding and inadequate staffing creates systemic vulnerability.
AI-powered privacy-enhancing tools and automated response platforms are essential. But technology alone cannot close the privacy gap. Organizations still need skilled professionals who can deploy these tools effectively, interpret risk signals, and apply controls consistently. As technology evolves, so too must expertise.
Capability can only be built with a combination of a holistically trained workforce and advanced technologies that can jointly address new generation threats. Resilience starts with leadership Business leaders must move beyond acknowledging privacy risk to actively strengthening the capability that manages it. Investment must prioritize people as much as platforms.
Technology can support resilience, but only well-trained, adequately
resourced professionals can interpret risk, make judgement calls and respond effectively when incidents occur.
Privacy by design should be embedded into governance, product development and operational decision-making, not retrofitted after deployment. Regulatory frameworks such as GDPR set the baseline, but true resilience comes from integrating data protection into culture, controls and accountability structures.
Above all, privacy must be treated as a business continuity issue. It
directly affects operational stability, reputation and long-term value creation. Expanding headcount alone will not close the gap. Without sustained funding, skills development and visible leadership commitment, organizations will continue to face preventable disruption.
Resilient organizations recognize that privacy capability is not a compliance function on the periphery - it is a strategic asset at the core of trust. We've featured the best encryption software. This article was produced as
part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here
are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here:
https://www.techradar.com/news/submit-your-story-to-techradar-pro
======================================================================
Link to news story:
https://www.techradar.com/pro/the-cybersecurity-boom-hiding-a-growing-privacy- skills-shortage
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)