Fortinet Annual Report Indicates Artificial Intelligence Skillsets Critical to Cybersecurity Skills Gap Solution

87 per cent of cybersecurity professionals expect artificial intelligence to enhance their roles, offering efficiency and relief amid cyber skill shortages, but they require upskilling to unlock full potential

Artificial Intelligence | Cyber Resilience | Reports & Predictions | Risk Management | Security Awareness

Posted: Thursday, Oct 09

KBI.Media
$
Fortinet Annual Report Indicates Artificial Intelligence Skillsets Critical to Cybersecurity Skills Gap Solution

Fortinet Annual Report Indicates Artificial Intelligence Skillsets Critical to Cybersecurity Skills Gap Solution

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, has released its 2025 Global Cybersecurity Skills Gap Report, shedding light on the new and persistent challenges organisations face due to the cybersecurity skills gap. The global survey’s key findings include:

As organisations are turning increasingly to artificial intelligence (AI) to strengthen their security postures and fill gaps, they also acknowledge that AI may be used against them as an engine of new or improved cyberattacks, especially given the lack of AI skillsets across teams.
Lack of cybersecurity awareness and training remains the top cause of breaches.
Boards lack cyber knowledge, despite it being a priority.
Organisations want cybersecurity personnel with certifications.

Carl Windsor, chief information security officer, Fortinet, said, “This year’s survey further underscores the urgent need to invest in cybersecurity talent. Without closing the skills gap, organisations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors: Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society.”

Report links cyber skills gap to escalating security and financial risks

As cyberthreats continue to escalate, organisations face the reality that security attacks are not just a possibility but a certainty. At the same time, an estimated global shortfall of more than 4.7 million skilled professionals leads to critical security roles being unfilled at a time when they are needed most. Key findings about the impact of the skills gap on organisations globally include:

The volume of breaches organisations experience is increasing year over year. According to the 2025 Fortinet Global Skills Gap Report, 86 per cent of organisations experienced at least one cyber breach in 2024, with nearly one-third (28 per cent) reporting five or more. These figures mark a significant increase from 2021, when the inaugural Fortinet Global Skills Gap Report was released, in which 80 per cent of organisations reported breaches, and only 19 per cent faced five or more.
The cybersecurity skills shortage is a key contributor to increased breaches. More than 50 per cent of those surveyed (54 per cent) indicated a lack of IT security skills and training as one of the leading causes of breaches in their organisations.
Financial ramifications of breaches remain significant. More than half (52 per cent) of surveyed organisations say cyber incidents cost them over US$1 million in 2024, consistent with the prior year’s findings and sharply up from 38 per cent in 2021.

AI could ease strain on security teams, but lack of expertise is a growing risk

While AI offers critical relief amid ongoing cyber skills shortages, organisations may not yet be fully prepared to harness its potential securely. This year’s survey found:

Security technology with AI capabilities has been widely adopted. An overwhelming 97 per cent of organisations surveyed are either already using or plan to implement AI-enabled cybersecurity solutions, with threat detection and prevention cited as the top areas of interest for applying AI in cybersecurity.
AI can help alleviate the burden on short-staffed security teams. 87 per cent of cybersecurity professionals expect AI to enhance their roles, rather than replace them, offering efficiency and relief amid skills shortages.
While AI can help security teams, teams lack AI skillsets to unlock the technology’s full potential. A majority of those surveyed (80 per cent) say AI is helping their IT and security teams become more effective, but nearly half (48 per cent) of IT decision makers point to a lack of staff with sufficient AI expertise as the biggest challenge to successful implementation. Seventy-six per cent of organisations that suffered nine or more cyberattacks in 2024 had AI tools in place, suggesting that adoption alone isn’t enough without the right expertise.

As board-level focus on cybersecurity grows, understanding of AI impact lags

When it comes to the board of directors’ understanding of cybersecurity’s role at their organisation, the report revealed the following:

Cybersecurity prioritisation at the board level is on the rise with 76 per cent of boards increasing their focus on the issue in 2024. Nearly all organisations now view cybersecurity as both a business (96 per cent) and financial (95 per cent) priority.
Board members aren’t as aware of the potential risks that AI use poses to their organisations. Fewer than half (49 per cent) of all respondents indicated their boards fully understand the risks posed by AI, with awareness closely linked to whether their organisations are already deploying AI in their cybersecurity programs.

Upskilling remains a focus in addressing the skill gap

As the cyber skills shortage persists, other key findings from the report include:

Certifications continue to be highly valued by employers. Eighty-nine per cent of IT decision-makers prefer to hire candidates who hold certifications. Most respondents said certifications validate cybersecurity knowledge (67 per cent), demonstrate an ability to stay current in a fast-evolving field (61 per cent), and indicate familiarity with key vendor tools (56 per cent).
Organisational support for funding certifications has declined. Only 73 per cent of respondents now say they are willing to pay for employees to obtain certifications, down from 89 per cent in 2023.

Closing the skills gap is critical to business resilience

The 2025 Cybersecurity Skills Gap Report makes clear that cybersecurity has become a board-level priority, driven by the rise of AI and the escalating risks to business operations. Closing the global skills gap remains essential. Organisations must rethink hiring practices, tap into underutilised talent pools, and invest in training and upskilling to build and retain the expertise they need. This requires a coordinated approach grounded in three key pillars: raising awareness and education, expanding access to targeted training and certification, and embracing advanced security technologies.

To help organisations address the challenges they face as a result of the cyber skills gap, the award-winning Fortinet Training Institute, one of the industry’s broadest training and certification programs, is dedicated to making cybersecurity certification and new career opportunities available to all populations, including a Security Awareness Training service for organisations to develop a cyber-aware workforce. The Security Awareness and Training service offers AI-focused modules to enhance understanding of AI and the role it plays in cybersecurity, including an introduction to generative artificial intelligence and curriculum around AI-powered threats, covering the various methods that cybercriminals use when harnessing AI to create and enhance cyberattacks.

Additionally, as part of Fortinet’s commitment to addressing this growing challenge, Fortinet is on track to train one million people in cybersecurity around the world by the end of 2026, since setting that pledge in 2021.

About the Fortinet Skills Gap Survey

The survey was conducted among over 1,850 IT and cybersecurity decision-makers from 29 different countries and locations.
Survey respondents come from a range of industries, including technology (22 per cent), manufacturing (16 per cent), and financial services (12 per cent).

Additional resources

Learn about the Fortinet Training Institute programs, helping address the cyber skills gap through upskilling and reskilling, and free training.
Visit fortinet.com/trust to learn more about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products.
Read about how Fortinet customers are securing their organisations.
Learn more about Fortinet’s commitment to product security and integrity, including its responsible product development and vulnerability disclosure approach and policies.
Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

About Fortinet

Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organisations from both the public and private sectors, including Computer Emergency Response Teams (“CERTS”), government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet’s elite threat intelligence and research organisation, develops and utilises leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet blog, and FortiGuard Labs.

Copyright © 2025 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiCore, FortiMail, FortiSandbox, FortiADC, FortiAgent, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAppSec, FortiAuthenticator, FortiBranchSASE, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCART, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDATA, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevice, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiEndpoint, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex, FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPoints, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTelemetry, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR, Lacework FortiCNAPP, Linksys, Intelligent Mesh, Velop, Max-Stream, Performance Perfected and SECURITY FABRIC. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.