Companies need to defend their respective tech stacks from a variety of rapidly evolving threats, and if you talk to security experts, it seems like artificial intelligence (AI) is one of the keys to accomplishing that task. But are cybersecurity professionals gaining the AI knowledge they need?
According to O’Reilly’s new 2024 State of Security Survey, some 33.9 percent of tech pros report a shortage of AI security skills. That’s a bit disconcerting, especially as more attackers turn to AI-based hacks such as prompt injection. (Cloud security is also a huge concern, with 38.9 percent of respondents citing cloud security as the most significant organizational skills shortage.)
“Our global survey underscores a security landscape in flux, with critical skills gaps emerging in AI and cloud security,” said Laura Baldwin, president of O’Reilly, wrote in a statement tied to the survey’s release. “As cyber threats become increasingly sophisticated, it’s clear that continuous, high-quality training is no longer optional; it’s essential for safeguarding our digital future. Organizations must prioritize ongoing upskilling to stay ahead of evolving risks and build robust defenses.”
For organizations everywhere, this underscores the need to constantly train employees on the latest and greatest tech, including the cybersecurity professionals tasked with guarding their company’s data. Fortunately, some 80.7 percent of organizations mandate continuing education for security professionals.
“Our survey reveals a seismic shift in the security landscape—it’s no longer just an IT concern, but a company-wide imperative,” Baldwin added. “While certifications like CISSP remain crucial, we’re seeing critical skills gaps in cloud and AI security. To truly safeguard our digital future, we need high-quality, continuous learning that goes beyond exam preparation and empowers every employee to be a frontline defender against evolving threats.”
Meanwhile, both companies and the public sector are scrambling to secure the cybersecurity talent they need. The CyberSeek website still lists nearly 470,000 open cybersecurity positions in the U.S., and one recent report cites a lack of security budget dollars as potentially hampering specialist hiring within the enterprise.
“There is a perception that you need a computer science degree and a deeply technical background to get a job in cyber,” National Cyber Director Harry Coker Jr. noted in a blog post about the White House’s current attempt to draw more people into the cybersecurity field. “The truth is, cyber jobs are available to anyone who wants to pursue them. Cyber professionals are part of a dynamic and diverse modern workforce and individuals from all backgrounds and disciplines have a place.”
Anyone entering the cybersecurity profession should make a point of staying on top of the latest developments in AI, especially as they pertain to security. Your organization’s safety could depend on it.