Fortinet's 2025 Global Cybersecurity Skills Gap Report reveals critical challenges organisations face due to a widening skills gap in cybersecurity. This year's findings highlight the urgent need for investment in cybersecurity talent to combat rising breach rates and escalating costs.
As cyber threats become increasingly sophisticated, organisations are turning to AI to bolster their security postures. However, the report warns that AI can also be weaponised against them, especially given the prevailing lack of AI skillsets among security teams.
“Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society,” stated Carl Windsor, CISO at Fortinet.
The report unveils that 86% of organisations experienced at least one cyber breach in 2024, a significant increase from prior years. Additionally, 54% of respondents cited a lack of IT security skills and training as a primary cause of these breaches.
Financially, 52% of organisations reported that cyber incidents cost them over $1 million, reinforcing the substantial impact of inadequate cybersecurity measures.
While AI technologies are being rapidly adopted—97% of surveyed organisations are using or planning to implement AI-enabled solutions—the report highlights a concerning trend: nearly half (48%) of IT decision-makers indicate a lack of staff with sufficient
AI expertise as a major barrier to successful implementation. This gap is alarming, especially as 76% of organisations that suffered multiple cyberattacks had AI tools in place.
Source: 2025 Cybersecurity Skills Gap, Fortinet
The report also notes that while cybersecurity is becoming a board-level priority, with 76% of boards increasing focus on the issue, understanding of AI risks lags. Less than half (49%) of respondents believe their boards fully comprehend the potential risks associated with AI.
To address the skills gap, the report emphasises the importance of upskilling and certifications. 89% of IT decision-makers prefer candidates with certifications, yet support for funding these certifications has declined, with only 73% willing to cover costs for employee training.
As the cybersecurity landscape evolves, organisations in Asia must take proactive steps to close the skills gap. This includes investing in targeted training, expanding access to certification programmes, and embracing advanced security technologies.
Fortinet’s Training Institute aims to provide accessible cybersecurity training and resources to help organisations develop a cyber-aware workforce equipped to face these challenges.
