Cybersecurity Skill Sets Require AI Knowledge and a Lot More

Over the past two years, artificial intelligence (AI) has dominated cybersecurity conversations regarding how attackers can and will exploit the technology, including creating sophisticated phishing attacks, faster development of malicious code, and deploying virtual chatbots to execute malicious operations more efficiently.

While the effects of generative and agentic AI are still being calculated, cybersecurity professionals face more routine, if still dangerous, threats to their organizations’ networks and data on a daily basis. For instance, vulnerability exploitation increased about 34 percent from 2023 to 2024, thanks to attackers using zero-day exploits against edge devices and VPNs.

While cyber and tech pros work to patch edge devices, only about 54 percent of vulnerable devices were fully remediated in 2024, taking a median of 32 days to finish patching. Ransomware attacks were also present in 44 percent of all the reviewed breaches last year—an increase from 32 percent in 2023.

These are some of the security statistics published in the annual Verizon Data Breach Investigations Report, released April 23. The 18th annual report looked at 22,052 security incidents in 139 countries between Nov. 1, 2023, and Oct. 31, 2024. Of that number, Verizon’s research team determined that 12,195 of these incidents were confirmed data breaches—meaning the data was exposed "to an unauthorized party."

While Verizon researchers noted that taking advantage of stolen credentials and phishing remain major concerns for cybersecurity professionals, the increasing exploitation of vulnerabilities in applications and platforms is making the complex job of cyber defense even more difficult.

“We can draw a very straight line from this exploitation of vulnerability growth to the deluge of edge device vulnerabilities that plagued defenders throughout 2024. This tactic has been leveraged successfully by both ransomware operators and espionage-motivated threat actors with great success,” according to Verizon.

While AI has received a much larger share of attention in cybersecurity circles over the last two years, some experts note that organizations and their security teams cannot afford to forgo basic cyber hygiene and best practices to ensure a strong defense. This means security professionals need a holistic skill set that covers the basics, including the ability to address vulnerabilities in the software and applications used by their organizations.

“The 2025 DBIR findings emphasize the need for a holistic security approach that prioritizes vulnerability management while addressing third-party risks and evolving ransomware tactics. Security teams can build more resilient programs that protect their organizations against the most prevalent attack vectors by focusing on these key areas,” said Saeed Abbasi, manager for vulnerability research at Qualys Threat Research Unit.

For cybersecurity pros looking to address attackers taking advantage of these vulnerabilities, Abbasi suggests organizations address several security issues within their team structure, including:

  • Implementing asset management for internal and external assets to gather a complete inventory of their hosts, including EOLs.
  • Deploying broad vulnerability detection capabilities.
  • Leveraging risk-based prioritization for findings.
  • Implementing automated patch management workflows.
  • Prioritizing edge device vulnerabilities.
  • Considering compensating controls and alternative mitigation strategies when immediate patching isn’t possible.

Ransomware attacks present the same challenges for security teams: understanding fundamentals and having a well-rounded skill set can help reduce the chances of an incident or help recover faster with fewer long-term disruptions, said Trey Ford, CISO at Bugcrowd.

“Regardless of the ransomware actor, the foundational controls still matter. Knowing your total attack surface, testing your environment, with an eye toward efficient remediation, is key,” Ford told Dice. “Enterprise controls, including visibility—logging and endpoint detection and response (EDR)—hardening—privileged account management and careful inventory of service accounts—and multifactor authentication for domain admin and remote access are paramount.”

There is a strong correlational reason cyber insurance underwriters care about those key controls and coverage in the application process, Ford added: “If those controls are not effective, cyber insurance underwriters might have to pay out. Be open with management about which of those controls are effective and lacking, and secure funding to get them online as fast as possible.”

Where does all the discussion about vulnerabilities and ransomware leave the AI issue?

For cybersecurity experts and industry insiders, the Verizon numbers seem to indicate that while much of the emphasis over the last two years has been placed on AI—whether it’s used in attacks or as a way to automate more defenses—the technology is still very much developing. What’s needed is a cybersecurity workforce that understands AI as well as how to handle traditional concerns such as patch management, vulnerability detection, identity and access management (IAM) and risk assessment.

“While AI can accelerate threat detection through advanced data analysis, it also has limitations that complicate implementation. Neural networks and large language models can provide believable and mostly accurate assessments, but they often lack the ability to explain rationale,” Darren Guccione, CEO and co-founder of Keeper Security, recently told Dice. “Without that key piece of information, it’s risky for IT and security teams to make business-impacting decisions based on AI insights alone. While AI enhances detection capabilities, successful cybersecurity strategies require seamless integration with human expertise to ensure informed decision-making and an effective response to evolving threats.”

The Verizon report makes clear that generative AI, despite the headlines, has not overtaken the world yet, and that includes cybersecurity. While there is evidence that attackers are experimenting with these technologies, that experimentation is not much different from what their legitimate counterparts are doing at this point.

There are signs of what might come, however. The Verizon report noted that synthetically generated text in malicious emails doubled year-over-year.

The researchers did find that AI use by employees is increasing, which is leading to concerns about sensitive corporate data leaking as workers load data into these platforms without proper oversight. “Even more concerning, a large number of those were either using non-corporate emails as the identifiers of their accounts (72 percent) or were using their corporate emails without integrated authentication systems in place (17 percent), most likely suggesting use outside of corporate policy,” the report noted.

This is why cybersecurity professionals must retain basic skills, such as understanding risks associated with insider threats, combined with knowledge of how AI is transforming the entire workplace.

“AI is transforming, rather than deskilling, today’s cybersecurity workforce. AI's impact on the cybersecurity workforce could shift the existing skills gap towards a more nuanced labor gap,” Craig Jones, vice president of security operations at Ontinue, told Dice. “Currently, the industry is faced with a skills gap due to a shortage of professionals with the expertise needed to handle today’s evolving cyber threat landscape. AI can alleviate some of this burden by handling certain tasks, however, it also requires employees who not only understand cybersecurity but are also skilled in managing and interpreting AI outputs. To address this, continuous education and upskilling become crucial.”

While some see AI playing a crucial role in cybersecurity, general IT and application development, those benefits appear several years away at this point, even as the technology gains traction now.

“AI is creating more opportunities and will have a positive impact throughout the rest of 2025. With AI, we can solve more problems than ever before and that creates more opportunities for jobs and skill sets in the market. I don’t believe we are at the point yet where AI is impacting jobs because it can’t write and execute code at scale,” Vishal Saxena, CTO at Octus, told Dice. “Some of our engineers have been using GitHub Copilot to write code, but they still must tune it and make it executable. AI is designed to replace jobs that are very repeatable—the work software developers do isn’t very repeatable and so it’s hard for AI to replace them.”