The World Economic Forum (WEF) highlighted escalating threat of cyberattacks, amplified by the rise of AI-driven vulnerabilities. In response, the demand for skilled cybersecurity professionals is more urgent than ever. To bridge the global shortage of cybersecurity workers, companies are increasingly turning to AI-powered solutions. However, addressing this challenge goes beyond just technology; it requires a comprehensive approach to training the next generation of cyber defenders.
Effective cybersecurity training must not only cover technical expertise but also emphasize the development of soft skills crucial for managing risks and navigating complex security environments. As AI continues to transform the cybersecurity landscape, how we prepare and educate future defenders will be key to strengthening global cyber resilience.
“In today’s world, organizations are living in a new cybersecurity ‘normal,’” Melonia da Gama, director of training and learning programs at Fortinet, and Natasa Perucica, lead for capacity building at the WEF, wrote in a recent agency post. “Breaches are no longer a matter of if, but when. Most organizations now operate under the assumption that cyber incidents are inevitable, and this mindset is reshaping how security teams, C-suites, and boards of directors think, act, and prioritize. In the age of AI-powered threats, the challenge has grown even more complex.”
The authors recognize that organizations that invest equally in advanced tools and skilled people will be best positioned to withstand the next wave of threats. Ultimately, the future of cybersecurity will belong to those who can harness the strengths of both AI and human intelligence.
As AI accelerates offensive and defensive capabilities, the need for skilled human professionals has never been greater. Yet the industry faces a deep and persistent shortage of qualified talent. Current estimates place the global shortfall between 2.8 and 4.8 million cybersecurity professionals. This widening gap means that while technology continues to advance at unprecedented speed, conversely, the people needed to defend against modern threats are in short supply. Skilled defenders have become the most valuable resource in cybersecurity, and yet they remain scarce.
Recent Fortinet data disclosed that 49% of cybersecurity leaders are concerned that AI will increase the volume and sophistication of cyberattacks. Artificial intelligence has become both an indispensable tool and a new vector of risk, expanding the scale, sophistication, and speed of potential attacks in ways that demand new kinds of expertise and strategic thinking.
“In response to this evolving environment, organizations are increasingly turning to AI to strengthen their defenses and improve operational resilience, leveraging AI to automate threat defense, speed up response, reduce risk, and bridge skills gaps,” the WEF post states. “Research shows that 97% of organizations are either already using or planning to implement AI-enabled cybersecurity solutions. Organizations that extensively use AI in security saw a $1.9M average reduction in cost per breach, underscoring the tangible financial and operational benefits of AI-driven security strategies.”
Moreover, adoption is robust across Asia-Pacific and North America, where AI-powered security tools are increasingly becoming integral to day-to-day cybersecurity operations. The leading areas of application include threat detection and prevention, followed by security automation and threat intelligence.
The authors identified that with machine learning and large language models embedded in security operations centres, organizations can anticipate emerging threats, streamline investigations, and respond with greater speed and precision. This helps create a more proactive, agile, and resilient security posture across cloud security, security operations and management, email security, and identity and access management.
Fortinet had identified that 87% of cybersecurity professionals expect AI to enhance key aspects of their roles, while only 2% believe it will replace them entirely. Still, this transformation is not without friction. The technology’s power is only as strong as the people behind it. Nearly 48% of IT decision-makers identify a lack of staff with sufficient AI expertise as the biggest barrier to adoption. While organizations recognize AI’s potential, many struggle to find professionals with the technical knowledge needed to deploy, manage, and govern these systems effectively.
But technical expertise alone is not enough. Cybersecurity and AI-powered operations more broadly also depend on human judgment, interpretation, and guidance. Soft skills such as analytical and creative thinking, communication, collaboration, and agility will be just as critical in the AI era for managing risk effectively and maintaining resilient security operations.
According to the Future of Jobs 2025 report, demand for these skills is projected to rise significantly, with continued growth expected through 2030. Closing the cyber skills gap, therefore, requires a coordinated, long-term strategy that extends beyond technology.
The WEF’s Strategic Cybersecurity Talent Framework provides guidance on how to attract, educate, recruit, and retain talent, helping organizations build a sustainable cybersecurity workforce. By acting on these areas, organizations can not only broaden access but also create clear pathways for career growth, nurture diverse talent, and ensure a steady pipeline of skilled professionals equipped to meet the evolving demands of cybersecurity.
The WEF’s work on Public-Private Partnerships for Cyber Workforce Development reinforces that scalable, cross-sector collaboration is essential to align incentives, standardize training, and drive innovation where human talent and technology intersect.
Aiming to close the cyber skills gap with a strategy based on three pillars, including increased awareness and education, targeted cybersecurity training and certification, and the implementation of advanced security technologies, will help organizations to build and sustain a skilled cybersecurity workforce.
