According to Silicon Republic, EY Ireland’s Cyber Leaders Index surveyed 165 cybersecurity professionals between July and August 2024 and found that 83% of Irish organizations enhanced their cybersecurity measures in the past six months. However, 72% struggle to fund company-wide cyber training, while 43% face similar budget problems for hiring and retaining skilled staff. The report also revealed that 48% of leaders see AI and data security as key priorities, but 44% can’t secure budget for AI security initiatives. Additionally, 37% of respondents worry about gaps in their organization’s cyber risk coverage, and more than one in four (26%) report negative mental health impacts from their work.
Sponsored content — provided for informational and promotional purposes.
The alarming training gap
Here’s the thing that really stands out: companies are spending money on fancy security tools, but they’re completely neglecting the human element. We’re talking about 83% investing in technology while 72% can’t even fund proper training. That’s like buying a sports car but skipping driving lessons. And honestly, this isn’t surprising – it’s the same pattern we’ve seen for years where organizations treat cybersecurity as a technology problem rather than a people problem.
AI ambitions meet budget reality
Nearly half of these cyber leaders are saying AI security is a priority, but almost the same number can’t get the budget for it. That disconnect is downright dangerous. Companies are racing to implement AI tools without properly securing them, basically creating new attack surfaces while their security teams watch from the sidelines. It’s the classic “move fast and break things” approach, except now we’re dealing with sophisticated AI systems that could amplify security failures exponentially.
The hidden burnout crisis
When 26% of cybersecurity professionals report negative mental health impacts, we’ve got a serious problem. Burnout isn’t just bad for employees – it’s becoming what EY’s Puneet Kukreja calls a “hidden cyber risk.” Think about it: exhausted, stressed-out security teams are more likely to miss threats or make mistakes. And with 37% already concerned about coverage gaps, this creates a perfect storm where understaffed, overworked teams are defending against increasingly sophisticated attacks.
What’s really going wrong here?
So why are companies still getting this so wrong after years of high-profile breaches? Basically, they’re treating cybersecurity as a cost center rather than a business enabler. The C-suite sees security spending as an expense to minimize, not an investment to protect the business. And until boards start viewing team welfare and training as critical components of security rather than nice-to-haves, we’ll keep seeing these same patterns repeat. The technology keeps getting better, but the people defending it are being stretched to their breaking point.
