Chronic shortages of cybersecurity talent are pushing many organizations—especially in Europe, the Middle East, and Africa (EMEA)—to adopt dangerous workarounds rather than build resilient, long-term defenses. According to new research by Insight Enterprises, 64 percent of EMEA firms are resorting to temporary fixes to manage security gaps, and only 24 percent of IT leaders say they have enough in-house cyber skills to handle evolving threats. In the UK, 67 percent of enterprises acknowledge skill deficits, with more than half classifying the shortage as “severe” or “significant.” These constraints are delaying critical security initiatives and compliance efforts, while leadership gaps (in governance, risk planning, and strategic cybersecurity) further exacerbate the problem. Organizations are increasingly warned that patchwork fixes expose them to a higher probability of breaches and inhibit innovation, resilience, and growth.
Source: IT Pro
Key Takeaways
– The cyber skills gap is not just about technical roles—leadership and strategy functions are also vastly under-resourced, creating a broader “strategy crisis.”
– A majority of organizations are delaying key cybersecurity initiatives or compliance efforts due to insufficient internal talent.
– Reliance on short-term fixes and workarounds increases exposure to breaches and undermines long-term resilience and innovation.
In-Depth
The cybersecurity world is confronting a mounting crisis: it’s no longer enough to talk merely about “skills shortages”—the real danger lies in how underprepared organizations are reacting. The Insight Enterprises study paints a stark picture: 64 percent of EMEA organizations admit to relying on quick patches and temporary workarounds to plug security gaps, rather than taking the time to build robust defenses. Meanwhile, only 24 percent of IT decision-makers feel their teams have adequate cyber capacity to keep pace with evolving threats. In the UK, the situation is even more severe: 67 percent of organizations report shortage, and over half consider the impact “severe.”
What’s most concerning is that the shortage is not confined to the technical trenches. Many organizations lack mid- and senior-level talent in governance, risk planning, strategic oversight, and compliance. These leadership gaps mean that cyber efforts are often fractured, siloed, and reactive—leaving firms to continuously chase vulnerabilities rather than anticipate them. Researchers note that firms continuously under pressure resort to fragmented tool stacks, disjointed teams, and stopgap measures, which increase exposure rather than reduce it.
Because many initiatives get delayed or dropped entirely—57 percent of respondents say they’ve postponed key cybersecurity rollouts—the longer-term consequences multiply. Compliance burdens mount, regulatory penalties loom, and evolving vulnerabilities go unaddressed. The irony is that even as digital transformation accelerates, more attack surfaces open up while defense capacity remains constrained.
That doesn’t mean firms are without recourse. Many researchers argue that the real crisis is strategic, not just tactical. In other words, the problem isn’t only “we need more people”; it’s “we need people in the right places doing the right things.” Organizations that embed cybersecurity decision-making into the core of their business strategy—and that build leadership and human-machine collaboration—are best positioned to escape the reactive trap. Investing in leadership training, promoting integration between security and business units, and partnering with external experts may be more vital than ever in turning the skills crisis into an opportunity for resilience.