European Commission President Ursula von der Leyen recently emphasized that the EU will need to “focus on further strengthening our cyber defense capabilities, coordinating national cyber efforts, and securing our critical infrastructures" and committed to a new EU strategy for Vocational Education and Training. This has also been echoed by Mario Draghi in his last report on the EU’s competitiveness, calling for a decisive action to strengthen Europe’s skilled labour base. More than ever, robust cybersecurity, skills and digital trust are therefore needed to enable the EU advancing further into the digital age and embracing groundbreaking technologies and innovations like AI. The nature of these developments requires swift and strongly coordinated action to protect businesses and individuals.
ISACA is committed to contribute to this important change and to helping shape the future of digital trust across Europe. To this end, ISACA just published its Vision Paper on “Empowering Europe’s Digital Future with Cyber Resilience, Competitiveness and Digital Trust", which focuses on three core priorities: cyber resilience, digital competitiveness, and trust in digital ecosystems. To address such crucial areas, we believe that the EU will need to boost its efforts on promoting and incentivizing digital skills, put a strong focus on skills when drafting and implementing EU regulations, reinforce the EU bodies and initiatives aimed at developing digital skills and incorporate digital and cyber skills in the EU international agenda. These measures will be fundamental to protect the EU from cyber threats, empower its workforce and, ultimately, enhance the overall competitiveness of the continent in the global digital economy.
One of the most increasingly complex challenges we face is the digital and cybersecurity skills gap that persists and continues growing across Europe. The lack of insufficient skilled workforce within the EU businesses and public administrations is seriously jeopardizing their compliance with landmark EU regulations, such as the AI Act, the Data Act, NIS2 and CRA. The 2023 ISACA State of Cybersecurity indicates that a massive 62% of companies are reporting understaffed cybersecurity teams, creating vulnerabilities cybercriminals are more than happy to exploit. Similarly, the 2024 ISACA State of Digital Trust highlights that only 23% of the European businesses are measuring their digital trust maturity, despite 50% of all respondent businesses acknowledge that skills and training are needed to achieve digital trust. Without urgent action and under the current pace, the EU’s Digital Decade targets—such as reaching 20 million ICT specialists by 2030— will fall short, as recognized by the same European Commission.1
ISACA is advocating for clear, measurable goals to address this gap and we urge the EU to set auditable targets for businesses and public institutions to invest in upskilling in areas of AI, data privacy, and cybersecurity governance, among others. ISACA is already fully invested in these efforts - from mapping our certifications to the European Cybersecurity Skills Framework to providing memberships and resources to individuals across Europe.
We witnessed that these challenges have real-world consequences: imagine a hospital being targeted by cyber terrorists. It happened in Europe, where ransomware infected vital services, which put human lives at risk. On top of this, the increasing uptake of AI and other advanced technologies in key sectors (healthcare, transportation, etc.) is already bringing many operational advancements and positive effects, but also new risks and emerging vulnerabilities. To control safely and effectively, it is therefore fundamental to keep cybersecurity strategies agile and forward-leaning.
Beyond the most needed technical solutions, the bedrock of Europe's digital transformation is and will increasingly be digital trust, namely the confidence in an online ecosystem in which individuals and businesses can securely and reliably interact and transact with each other. Such digital trust can only be achieved by the seamless combination of a number of inter-related functions and professions, such as cyber, audit, risk, and privacy, using a comprehensive, systems-based thinking approach. As the Vision Paper outlines, there cannot be any cybersecurity and digital transformation of the EU economy without digital trust, since both concepts proceed in unison. Therefore, as the EU pursue its ambitions digital goals, building digital trust must be a top priority.
The future of Europe's digital economy depends on how well we equip ourselves today. From closing the skills gap to reinforcing the cybersecurity laws, ISACA's Vision Papers lay out a roadmap which can guide Europe toward a secure, resilient, and competitive digital future.
More information about ISACA’s advocacy work is available at https://www.isaca.org/about-us/advocacy. The "ISACA Vision Paper 2024" is available for download here.