The World Economic Forum (WEF) has highlighted the growing threat of cyberattacks, amplified by the rise of AI-related vulnerabilities. In response, the demand for qualified cybersecurity professionals is more urgent than ever. To fill the global shortage of cybersecurity workers, companies are increasingly turning to AI-based solutions. However, meeting this challenge goes beyond just technology; this requires a comprehensive approach to training the next generation of cyber defenders.
Effective cybersecurity training should not only cover technical expertise, but also emphasize the development of soft skills essential for managing risks and navigating complex security environments. As AI continues to transform the cybersecurity landscape, how we prepare and educate future defenders will be critical to strengthening global cyber resilience.
“In today’s world, organizations are living in a new ‘normal’ when it comes to cybersecurity,” Melonia da Gama, Director of Training and Learning Programs at Fortinet, and Natasa Perucica, Head of Capacity Building at WEF, wrote in a recent article from the agency. “Breaches are no longer a question of if, but when. Most organizations now operate under the assumption that cyber incidents are inevitable, and this mindset is reshaping the way security teams, executives, and boards think, act, and prioritize. In the age of AI-powered threats, the challenge has become even more complex.”
The authors recognize that organizations that invest equally in advanced tools and skilled personnel will be best positioned to withstand the next wave of threats. Ultimately, the future of cybersecurity will belong to those who can harness the strengths of AI and human intelligence.
As AI accelerates offensive and defensive capabilities, the need for skilled human professionals has never been greater. Yet the sector faces a deep and persistent shortage of qualified talent. Current estimates place the global deficit between 2.8 and 4.8 million cybersecurity professionals. This growing gap means that while technology continues to advance at unprecedented speed, conversely, the people needed to defend against modern threats are in short supply. Skilled defenders have become the most valuable resource in cybersecurity, but they remain in short supply.
Recent data from Fortinet found that 49% of cybersecurity leaders are concerned that AI will increase the volume and sophistication of cyberattacks. Artificial intelligence has become both an indispensable tool and a new risk vector, increasing the scale, sophistication and speed of potential attacks in ways that demand new types of expertise and strategic thinking.
“In response to this evolving environment, organizations are increasingly turning to AI to strengthen their defenses and improve operational resilience, leveraging AI to automate threat defense, accelerate response, reduce risk, and close skills gaps,” the WEF message said. “Research shows that 97% of organizations are already using or considering implementing AI-based cybersecurity solutions. Organizations that widely use AI in security have seen an average reduction of $1.9 million in cost per breach, highlighting the tangible financial and operational benefits of AI-driven security strategies.”
Additionally, adoption is strong in the Asia Pacific region and North America, where AI-based security tools are increasingly becoming an integral part of daily cybersecurity operations. The main application areas include threat detection and prevention, followed by security automation and threat intelligence.
The authors identified that with machine learning and large language models integrated into security operations centers, organizations can anticipate emerging threats, streamline investigations, and respond with greater speed and accuracy. This help to create a more proactive, agile and resilient security posture across cloud security, security operations and management, email security and identity and access management.
Fortinet identified that 87% of cybersecurity professionals expect AI to improve key aspects of their roles, while only 2% believe it will replace them entirely. However, this transformation is not without friction. The power of technology is only as strong as the people behind it. Nearly 48% of IT decision-makers identify a lack of staff with sufficient AI expertise as the biggest barrier to adoption. While organizations recognize the potential of AI, many struggle to find professionals with the technical knowledge needed to effectively deploy, manage and govern these systems.
But technical expertise alone is not enough. Cybersecurity and, more broadly, AI-enabled operations also depend on human judgment, interpretation and advice. Soft skills such as analytical and creative thinking, communication, collaboration and agility will be equally essential in the AI era to effectively manage risk and maintain resilient security operations.
According to the Future of Jobs Report 2025demand for these skills is expected to increase significantly, with continued growth expected through 2030. Closing the cybersecurity skills gap therefore requires a long-term, coordinated strategy that extends beyond technology.
The WEF Cybersecurity Talent Strategic Framework provides guidance on how to attract, educate, recruit and retain talent, helping organizations build a sustainable cybersecurity workforce. By taking action in these areas, organizations can not only expand access, but also create clear pathways for career progression, nurture diverse talent, and ensure a consistent pipeline of qualified professionals equipped to meet the evolving demands of cybersecurity.
The WEF work on public-private partnerships for developing the cyber workforce reinforces that scalable cross-sector collaboration is essential to align incentives, standardize training, and drive innovation where human talent and technology intersect.
Aiming to close the cybersecurity skills gap through a strategy based on three pillars, including increased awareness and education, targeted cybersecurity training and certification, and the implementation of advanced security technologies, will help organizations build and maintain a skilled cybersecurity workforce.
