IT Brief US - Technology news for CIOs & IT decision-makers
United States
Stressed ciso office desk locked server room modern digital illustration
#
SOCs
#
AI
#
AI Ethics & Governance

Fortinet report warns of widening cyber skills gap

Wed, 29th Apr 2026 (Today)
Author image
By Shannon Williams, News Editor

Fortinet has published its 2026 Global Cybersecurity Skills Gap Report, which points to a widening shortage of cyber talent across large organisations.

The survey of more than 2,750 IT and cybersecurity decision-makers in 32 countries found that 71% of organisations see the shortage as a direct business risk. More than half are struggling to recruit cybersecurity staff, while 52% also cited retention as a problem.

The findings suggest artificial intelligence is reshaping the market as employers seek skills that remain scarce. Six in 10 respondents said their biggest hiring challenge is finding cybersecurity workers with specific AI experience.

That pressure is affecting security outcomes. Some 56% said a lack of cybersecurity skills was a leading cause of breaches, while 86% reported at least one breach in the past year.

Costs are also rising. More than half of respondents said breaches had cost them more than USD $1 million, up from 38% in 2021. In North America, the average breach cost was USD $2 million.

Board pressure

The report highlights a mismatch between the importance placed on cyber risk and the resources available to address it. While 51% of respondents said senior-level cybersecurity expertise is their greatest need, 49% said they struggle to secure approval for additional cybersecurity hires.

That tension extends to the top of organisations. Half of respondents said executives and board members had faced penalties after a cyberattack, yet only 50% believed their boards were fully aware of the risks created by employee use of AI.

As a result, demand for governance roles is expected to grow. The survey found that 63% expect a greater need for AI oversight and governance roles on cybersecurity teams over the next three years.

At the same time, AI tools are already widely used in security operations. Some 91% of respondents are using or testing AI-based cybersecurity tools, and 84% said these tools are helping IT and security teams work more effectively and efficiently.

That broad adoption has not eased concern about the same technology being used by attackers. The report found that 44% cited defending against AI-enabled cyberattacks as a top concern.

"Cybersecurity is not simply a technical issue but a strategic business risk. This year's survey suggests that while boards generally recognize the importance of cybersecurity, more investment is needed to address key issues, such as emerging AI risks and the ongoing cybersecurity skills shortage. Addressing these issues is critical to business resilience in an increasingly complex threat landscape," said Carl Windsor, Chief Information Security Officer at Fortinet.

Diversity gap

The data also shows how difficult it remains for employers to widen the talent pool. While 71% of organisations said they have formal hiring targets for underused talent pools, women still account for only 26% of the cybersecurity workforce.

Hiring female candidates appears to be getting harder rather than easier. The share reporting difficulty in hiring women rose to 31%, from 20% a year earlier.

Employers are trying several approaches to address that shortfall. The survey found that 92% use internships, apprenticeships, partnerships and related programmes to reach underrepresented groups.

Training budgets are also shifting. Some 92% of respondents said they would pay for an employee to gain certification, up from 73% in the previous year's survey.

Training focus

AI has become a particular focus for reskilling. Some 92% said they were likely to invest in AI-related cybersecurity training or certifications over the next 12 months.

Respondents said they need new skills in areas such as AI model development, AI tool oversight and security automation. Nearly six in 10 organisations said they are developing internal training or reskilling programmes to support AI adoption, while 52% said they are buying training from industry vendors.

The report covered respondents from a range of sectors, with technology, manufacturing and financial services the three largest groups represented. The findings suggest cyber hiring problems are no longer confined to specialist security teams but are becoming a broader operational issue for companies managing rising threats, higher breach costs and the rapid spread of AI across the workplace.

Fortinet said it aims to train 1 million people in cybersecurity worldwide this year through its training institute.

Related stories
DevOps incidents jump 21% as downtime hits 9,255 hours
eCommerce AI spending rises as leaders fear readiness gap
TP-Link launches PTZ5425 camera for business sites
Backbase named Forrester leader & customer favourite
CFOs to gain margin points by backing AI strategically

Top stories

Cequence launches agent controls for enterprise AI
10ZiG & Nerdio expand Azure Virtual Desktop tie-up
HCLTech signs DP World Tour digital experience deal
Nuclear Institute launches careers conference in Manchester
Anthropic's AI agents spark debate over business risk