Fortinet, a leader in cybersecurity, has unveiled its 2025 Global Cybersecurity Skills Gap Report, highlighting the ongoing challenges organizations face due to a significant shortage of skilled professionals. The report reveals that more than 4.7 million cybersecurity positions remain unfilled worldwide, intensifying the urgency for organizations to bolster their defenses against increasingly complex cyber threats.
As businesses increasingly turn to artificial intelligence (AI) to enhance their security measures, they also recognize that AI can be weaponized by attackers. Fortinet’s findings indicate that while AI can improve defense mechanisms, the lack of expertise in AI among cybersecurity teams presents a critical risk. “This year’s survey further underscores the urgent need to invest in cybersecurity talent,” stated Carl Windsor, Chief Information Security Officer at Fortinet. He emphasized that without addressing the skills gap, organizations will continue to face rising breach rates and escalating costs.
In Saudi Arabia, digital transformation efforts under Vision 2030 have accelerated the adoption of cloud technologies and e-government services, making AI-driven cybersecurity capabilities increasingly vital. The Kingdom’s National Cybersecurity Authority (NCA) stresses the importance of developing local talent, although demand still far exceeds supply. Sami Alshwairakh, Senior Regional Director of Sales at Fortinet, noted that cybersecurity is a foundational pillar for national resilience and economic growth, urging strategic initiatives to upskill the workforce and enhance local capabilities.
The report reveals that 86% of organizations experienced at least one cyber breach in 2024, a marked increase from previous years. Notably, over half of the respondents attribute these breaches to a lack of IT security skills and training. Financially, the ramifications are also significant, with more than 52% of surveyed organizations reporting costs exceeding $1 million due to cyber incidents in 2024, a rise from 38% in 2021.
Despite the challenges posed by a lack of skilled personnel, the report suggests that AI offers potential relief for overworked security teams. A staggering 97% of organizations are utilizing or planning to implement AI-enabled cybersecurity solutions, particularly in threat detection and prevention. However, nearly half of IT decision-makers highlighted a shortage of staff with adequate AI expertise as a primary hurdle to successful implementation. This disconnect is particularly evident in Saudi enterprises, which are early adopters of AI in sectors such as government and finance, yet face a scarcity of qualified professionals in the field.
As the focus on cybersecurity intensifies at the board level—with 76% of boards increasing their attention on this critical issue in 2024—there remains a significant gap in understanding the risks associated with AI. Less than half of board members are fully aware of these risks, a gap that could hinder effective governance and strategic planning.
In addressing the persistent skills shortage, the report emphasizes the value of certifications, with 89% of IT decision-makers preferring to hire candidates with recognized qualifications. However, support for funding these certifications has declined, with only 73% of organizations now willing to pay for employees to obtain them, down from 89% in 2023. Initiatives like the Saudi Digital Academy aim to close the talent gap by subsidizing professional certifications and fostering upskilling programs.
The 2025 Cybersecurity Skills Gap Report underscores the urgent need for businesses to rethink hiring practices, tap into underutilized talent pools, and invest in ongoing training and development. Addressing the skills gap is imperative for enhancing organizational resilience against cyber threats. Fortinet aims to train one million individuals in cybersecurity by the end of 2026, as part of its commitment to closing the global talent gap.
The report, which surveyed over 1,850 IT and cybersecurity decision-makers from diverse industries across 29 countries, serves as a clarion call for organizations to prioritize cybersecurity and workforce development in an increasingly perilous digital landscape.
See also
Cyberattacks Surge 230% in 2025 as AI Exploits Third-Party Vulnerabilities
NIST Releases Cyber AI Profile to Guide Secure AI Adoption in Organizations
Kaspersky Türkiye Reports Shift in Cyberattack Focus to Industrial Sectors by 2025
South African Firms Face 1,800 Weekly Cyberattacks Amid Rising AI Threats, Check Point Reports
CrowdStrike Launches Falcon AIDR to Combat AI Threats with 99% Efficacy
