Around one in three cybersecurity teams report being under-resourced to adequately defend their organisations, highlighting ongoing pressures amid a rising threat landscape, according to the ISC2 2025 Cybersecurity Workforce Study.
The survey, which included over 16,000 security professionals worldwide, found that nearly 30% of organisations cannot afford to hire staff with the necessary skills.
The staffing shortfall is creating tangible risks. Some 72% of respondents said that reducing personnel significantly increases the likelihood of a breach, while almost nine in ten have experienced at least one major security incident linked to skills gaps.
To address these pressures, security teams are increasingly turning to artificial intelligence. The study found that 28% of respondents have already integrated AI into daily operations, while 69% are at some stage of evaluating, testing, or implementing the technology.
AI skills are now the most sought-after capability, cited by 41% of professionals, followed by cloud security at 36%. Half of respondents are developing general AI knowledge, and 35% are focusing on advanced applications, such as detecting vulnerabilities and preventing exploits.
Sawan Joshi, Group Director of Information Security at FDM Group, said: “Building true cyber resilience means prioritising continuous training and sustained investment in developing young cyber talent. Technology is vital, but it is the skills, readiness and adaptability of people that ultimately determine how effectively threats are mitigated and sensitive data is protected.”
Andy Ward, SVP International at Absolute Security, added: “Our research highlights that 59% of CISOs already view cyber as the single biggest threat facing the UK today, above AI and other risks. With cyber threats rising, organisations must close the cyber skills gap to remain resilient. Cyber-attacks are no longer a question of if but when, and true cyber resilience cannot be achieved without a strong security team.”
Debra Taylor, acting CEO and CFO of ISC2, noted that skills deficits, rather than headcount alone, are the most pressing concern. “Skills gaps raise cybersecurity risk levels and challenge business resilience. At the same time, emerging technologies such as AI are seen less as a threat and more as an opportunity for career advancement,” she said. “Professionals are using AI tools to automate tasks while investing time to develop expertise in using and securing AI systems.”
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
