IBM has found that staffing shortages in cybersecurity have contributed to increased data breach costs in recent years.
The company's Cost of a Data Breach Report 2022 found that organizations with insufficiently staffed security teams faced an average breach cost of $4.56m.
The cybersecurity skills gap also contributed to a $1.76m increase in average breach costs according to IBM's 2024 report.
The report found that more than half of breached organizations faced severe security staffing shortages, a skills gap that increased by double digits from the previous year.
The ever-expanding attack surface is also a factor in the skills gap, with new technologies, such as generative AI, creating the need for specialized skills faster than the development of professionals to possess them.
Burnout caused by rising incidents and intensifying workloads due to the pandemic-related shift to remote work is another factor contributing to cybersecurity staffing shortages.
IBM recommends approaches to addressing cybersecurity skills shortages, such as managed security services, simplifying environments, training and development, incentivizing the upskilling and reskilling of existing IT staff, competitive compensation and benefits packages, and stronger identity security.
AI and automation can partially offset the impact of staffing shortages by improving efficiency and reducing the need for repetitive tasks.
The widespread adoption of AI is expected to create even greater pressure on cybersecurity teams.
Organizations can help to alleviate the skills gap by fostering relationships with local universities, offering placements and providing a graduate entry route into their organization.