AI seen as an aid not a threat as cyber skills gap widens

The majority of cybersecurity professionals anticipate artificial intelligence (AI) will bolster rather than replace their roles, according to an industry survey which also shows persistent concerns over skill shortages and escalating breach costs for organisations.

Breaches increasing

Ninety-two percent of organisations reported at least one cyber breach during 2024, with 44% experiencing five or more, according to research conducted by Fortinet. These figures represent a notable increase from 2021, when 80% of organisations faced breaches and only 19% encountered five or more. Financial impacts remain significant, with 68% of organisations reporting that cyber incidents led to losses exceeding USD $1 million in 2024.

Skill shortage impact

The report underscores the skills gap as a persistent issue driving security risks. Over half (54%) of those surveyed cited a lack of IT security skills and training as a key reason for breaches. The study estimates a global shortfall of over 4.7 million cybersecurity professionals, leaving many organisations with unfilled critical security roles.

"This year's survey further underscores the urgent need to invest in cybersecurity talent. Without closing the skills gap, organisations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors: Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society," said Jess Ng, Country Head, Singapore and Brunei, Fortinet.

AI adoption rising

All respondents indicated that they are either already using, or plan to implement, AI-enabled cybersecurity solutions. The principal areas of interest remain threat detection and prevention. The survey found that 96% of cybersecurity professionals expect AI to enhance their work by improving efficiency and alleviating staffing pressures. However, significant challenges remain: while 80% say AI helps their IT and security teams, 42% cite a lack of staff with adequate AI expertise as a barrier to successful deployment.

Board oversight

Board-level engagement in cybersecurity is growing, with 62% of boards prioritising it in 2024. Nearly all organisations now consider cybersecurity a business (96%) and financial (92%) priority. However, comprehension of AI-related risks at board level is limited; only 40% of respondents believe their boards fully understand the risks posed by AI.

Certifications valued

Professional certifications are highly sought after by IT leaders, with 84% expressing a preference for certified candidates. Certifications are seen as indicators of cybersecurity knowledge, up-to-date skills, and familiarity with critical vendor tools. Despite this, organisational support for funding certifications has waned, with only 80% of respondents willing to pay for employees' certifications, down from 92% in the previous year.

Training programmes

To help close the skills gap, Fortinet's Training Institute continues to provide certification and training opportunities globally, including modules focused on AI in cybersecurity and methods used by attackers to harness AI. The company aims to train one million people worldwide by the end of 2026.

The survey drew responses from over 1,850 IT and cybersecurity decision-makers across 29 countries in sectors including technology, manufacturing, and financial services.