Fortinet Report Reveals Cybersecurity Skills Gap Worsens as 86% of Organizations Report Breaches in Past Year

As cyber threats escalate in both scale and complexity, organizations are increasingly confronted with a significant cybersecurity skills gap. This widening gap not only elevates business risks but also exposes critical vulnerabilities within systems. Recent findings from Fortinet underscore the pressing need for enhanced investment in cybersecurity talent, AI-related skills, and workforce development to bolster resilience against a dynamic threat landscape.

Fortinet, a prominent player in the cybersecurity sector, has published the 2026 Global Cybersecurity Skills Gap Report, which sheds light on the persistent challenges organizations face amid ongoing shortages in cybersecurity expertise. The report’s findings reveal several alarming trends:

• The shortage of cybersecurity skills, exacerbated by insufficient investment in talent, remains a leading cause of severe security breaches.
• While cybersecurity professionals are increasingly utilizing AI-driven tools, there is a critical need for upskilling and reskilling to maximize the benefits of these advanced technologies.
• Despite investment gaps, organizations are making concerted efforts to attract and retain top cybersecurity talent.

Carl Windsor, CISO at Fortinet, emphasized the strategic nature of cybersecurity, stating that it transcends technical issues and poses significant business risks. He noted that while boards recognize the importance of cybersecurity, greater investment is necessary to tackle emerging AI risks and the ongoing skills shortage. Addressing these challenges is vital for maintaining business resilience in an increasingly complex threat environment.

High Stakes in Cybersecurity

The report highlights that a lack of cybersecurity skills continues to be a primary factor in devastating security breaches. Key findings include:

• The stakes are high: Eighty-six percent of organizations reported experiencing one or more breaches in the past year. Fifty-two percent indicated that these breaches cost them over $1 million, an increase from 38% in 2021. North America reported the highest costs, with an average breach costing approximately $2 million.
• Ongoing skills shortages: For the third consecutive year, IT leaders cited a lack of cybersecurity skills as a top cause of security breaches, with 56% identifying it as a significant concern. While 51% of respondents indicated a need for senior-level cybersecurity skills, 49% struggled to secure approval for additional talent. This is particularly concerning given that 50% of executives and board members have faced penalties following cyberattacks.

The report also points to new challenges arising from employees’ use of AI technologies, which many boards do not fully comprehend. Findings indicate:

• AI deployment risks: Employee utilization of AI presents risks that are not fully understood, with only 50% of leaders believing their board members are adequately aware of these potential threats.
• Emerging skills gaps: As AI adoption continues, 63% of respondents anticipate a growing need for oversight and governance roles within cybersecurity teams over the next three years.

Investment in Certifications and Talent Development

Despite existing investment gaps, there has been a year-over-year increase in funding for cybersecurity certifications. The report reveals:

• Increased willingness to invest: Ninety-two percent of organizations indicated they would pay for employee certifications, up from 73% in the previous year.
• Talent sourcing initiatives: To attract talent from underrepresented groups, 92% of organizations are employing internships, apprenticeships, partnerships, and other programs. Additionally, 71% have established formal hiring targets for underutilized talent pools.

Opportunities and Challenges of AI in Cybersecurity

The adoption of AI-powered cybersecurity tools is becoming widespread as decision-makers recognize their potential to enhance operational efficiency. Survey findings indicate:

• Broad adoption of AI tools: Ninety-one percent of respondents are currently using or experimenting with AI-driven cybersecurity solutions. Skepticism regarding AI in cybersecurity has decreased, with only 38% expressing uncertainty, down from 43% in the previous year.
• Support for IT and security professionals: Eighty-four percent of respondents believe AI-enhanced security tools are making IT and security teams more effective. This is crucial as both defenders and cybercriminals now have access to similar technologies, with 44% of respondents citing AI cybersecurity attacks as a top concern.

While AI is contributing to the widening skills gap, organizations are actively working to address this issue. Survey respondents noted:

• Investment in skills development: Sixty percent of respondents identified finding cybersecurity talent with AI experience as their top recruiting challenge. Currently, 92% plan to invest in AI-related training or certifications within the next year.
• Reskilling programs: Organizations require staff with new skill sets to support AI adoption, including AI model development (55%), AI tool oversight (54%), and security automation (52%). Fifty-nine percent are developing internal training programs, while 52% are seeking external training solutions.

Closing the Cybersecurity Skills Gap for Business Resilience

Investment at the board and executive levels in a comprehensive cybersecurity strategy—one that integrates people, processes, and technology—is essential. Organizations must continue to tap into underutilized talent pools and invest in training and upskilling to cultivate and retain the expertise necessary for effective cybersecurity.

This coordinated approach should focus on three key pillars: raising awareness and education, expanding access to targeted training and certification, and deploying advanced security technologies.

To assist organizations in navigating the challenges posed by the cybersecurity skills gap, the Fortinet Training Institute offers one of the industry’s most extensive training programs, aimed at making cybersecurity training and career opportunities accessible to all. This includes a Security Awareness Training service designed to foster a cyber-aware workforce.

Fortinet is on track to fulfill its commitment to train one million individuals in cybersecurity globally this year, a pledge initiated in 2022.

Source: www.intelligentciso.com

Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.