Fortinet report flags global cybersecurity talent gap as AI risks intensify

A worldwide shortage of cybersecurity workers continues to leave organisations exposed at a time when online attacks are becoming more advanced and artificial intelligence is changing how digital systems are protected, Fortinet says in its 2026 Global Cybersecurity Skills Gap Report.

The report drew on responses from more than 2,750 IT and cybersecurity leaders in 32 countries. It found that the shortage of trained personnel is still one of the main reasons companies suffer security incidents, despite increased investment in staff training, professional certification and AI-based security products.

“Cybersecurity is not simply a technical issue but a strategic business risk,” said Dr Carl Windsor, Fortinet’s chief information security officer. “While boards generally recognise the importance of cybersecurity, more investment is needed to address key issues such as rapidly accelerating AI risks and the ongoing cybersecurity skills shortage. Addressing these issues is critical to business resilience in an increasingly complex threat landscape.”

The survey points to growing financial and operational pressure. Eighty-six per cent of those polled said their organisation had experienced at least one cyber breach during the previous year, and more than half reported losses above US$1 million. For the third year in a row, limited cybersecurity skills was listed among the major factors behind breaches.

Recruitment remains a challenge as well. More than half of respondents said their greatest need is for senior cybersecurity expertise, while almost half said they have trouble getting internal approval to add staff to their security teams.

AI is creating benefits and fresh risks for the sector. Fortinet said 91 per cent of organisations are either using or testing AI-enabled security tools, with many seeing better efficiency. At the same time, AI is giving cybercriminals stronger capabilities, helping them launch attacks that are larger and more complex.

Oversight has not kept pace with those changes. Only about half of respondents believe their boards fully understand the risks linked to employees using AI. Nearly two-thirds also expect demand to increase over the next three years for cybersecurity staff focused specifically on AI governance.

Companies are trying to build new talent pipelines to address the gap. Ninety-two per cent of respondents said they are prepared to pay for cybersecurity certifications, an increase over the previous year, while organisations are also widening internships, apprenticeships and partnerships with academic institutions.

Still, AI is creating another layer of hiring pressure. Sixty per cent of respondents said it is difficult to find professionals who understand both AI and cybersecurity. As a result, organisations are putting more emphasis on focused upskilling in areas including AI system security, automation and AI governance.

Fortinet says the skills shortage will require a joined-up response built around education, professional credentials and stronger security technologies. The company said its Training Institute is broadening access to cybersecurity education as part of efforts to improve resilience and help prepare the next generation of workers.