Government cyber experts feel they lack resources for breach response, finds (ISC)² survey

Respondents from government and military expressed uncertainty over their organization's breach response capabilities.
U.S. Army Staff Sgt. Paul Coffy (center, seated) views the status of the virtual exercise environment as two West Virginia University students and U.S. Army Staff Sgt. Adam Brenner (right) observe. Photo by U.S. Air Force Staff Sgt. Mallory Coleman)

Just 42% of government cybersecurity professionals feel they have the necessary tools and staff to respond to cyber incidents in the next two to three years, according to a survey by nonprofit (ISC)².

U.S. government and military were among five industry categories from which survey respondents were least likely to express confidence about their organization’s ability to respond to potential cyber incidents.

The findings were outlined in a cybersecurity workforce study commissioned earlier this year by (ISC)², which surveyed over 11,000 cybersecurity professionals. (ISC)² is a major nonprofit association for certified cybersecurity professionals.

Of the cybersecurity professionals surveyed, 61% said their primary concern in the next two years is the potential risks of emerging technologies like blockchain, AI, VR, quantum computing, and keeping up with changing government regulatory requirements.  


According to the survey, 70% of respondents reported that their respective organizations don’t have enough cyber employees, and data from the study also revealed the need for 3.4 million more cyber workers globally to secure digital assets effectively.  

More than half of the survey respondents with cyber workforce shortages said that staff deficits put their organization at a “moderate” or “extreme” risk of a cyberattack. 

“As a result of geopolitical tensions and macroeconomic instability, alongside high-profile data breaches and growing physical security challenges, there is a greater focus on cybersecurity and increasing demand for professionals within the field,” said Clar Rosso, CEO of (ISC)².

“The study shows us that retaining and attracting strong talent is more important than ever. Professionals are saying loud and clear that corporate culture, experience, training and education investment and mentorship are paramount to keeping your team motivated, engaged and effective.”

The survey showed also that while 75% of cyber professionals report strong job satisfaction and passion about their work, over 70% still feel overworked, while a quarter of respondents below age 30 consider “gatekeeping and generational tensions” as a top-five challenge for them in the next two years.


When it comes to diversity, equity and inclusion with the cybersecurity landscape, the survey showed that 55% of cyber employees believe diversity will increase among their teams within two years but 30% of female and 18% of non-white cyber employees feel discriminated against at work currently. 

Latest Podcasts