Fortinet Annual Report Indicates AI Skillsets Critical to Cybersecurity Skills Gap Solution

SUNNYVALE, Calif., Oct. 08, 2025 (GLOBE NEWSWIRE) --

News Summary

^® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today released its , shedding light on the new and persistent challenges organizations face due to the cybersecurity skills gap. The global survey’s key findings include:

• As organizations are turning increasingly to AI to strengthen their security postures and fill gaps, they also acknowledge that AI may be used against them as an engine of new or improved cyberattacks, especially given the lack of AI skillsets across teams.
• Lack of cybersecurity awareness and training remains the top cause of breaches.
• Boards lack cyber knowledge, despite it being a priority.
• Organizations want cybersecurity personnel with certifications.

“This year’s survey further underscores the urgent need to invest in cybersecurity talent,” said Carl Windsor, CISO at Fortinet. “Without closing the skills gap, organizations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors: Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society.”

Report Links Cyber Skills Gap to Escalating Security and Financial Risks

As cyberthreats continue to escalate, organizations face the reality that security attacks are not just a possibility but a certainty. At the same time, an leads to critical security roles being unfilled at a time when they are needed most. Key findings about the impact of the skills gap on organizations globally include:

• The volume of breaches organizations experience is increasing year over year. According to the 2025 Fortinet Global Skills Gap Report, 86% of organizations experienced at least one cyber breach in 2024, with nearly one-third (28%) reporting five or more. These figures mark a significant increase from 2021, when the inaugural Fortinet Global Skills Gap Report was released, in which 80% of organizations reported breaches, and only 19% faced five or more.
• The cybersecurity skills shortage is a key contributor to increased breaches. More than 50% of those surveyed (54%) indicated a lack of IT security skills and training as one of the leading causes of breaches in their organizations.
• Financial ramifications of breaches remain significant. More than half (52%) of surveyed organizations say cyber incidents cost them over $1 million in 2024, consistent with the prior year’s findings and sharply up from 38% in 2021.
  
  

AI Could Ease Strain on Security Teams, but Lack of Expertise Is a Growing Risk

While AI offers critical relief amid ongoing cyber skills shortages, organizations may not yet be fully prepared to harness its potential securely. This year’s survey found:

• Security technology with AI capabilities has been widely adopted. An overwhelming 97% of organizations surveyed are either already using or plan to implement AI-enabled cybersecurity solutions, with threat detection and prevention cited as the top areas of interest for applying AI in cybersecurity.
• AI can help alleviate the burden on short-staffed security teams. 87% of cybersecurity professionals expect AI to enhance their roles, rather than replace them, offering efficiency and relief amid skills shortages.
• While AI can help security teams, teams lack AI skillsets to unlock the technology’s full potential. A majority of those surveyed (80%) say AI is helping their IT and security teams become more effective, but nearly half (48%) of IT decision makers point to a lack of staff with sufficient AI expertise as the biggest challenge to successful implementation. Seventy-six percent of organizations that suffered nine or more cyberattacks in 2024 had AI tools in place, suggesting that adoption alone isn't enough without the right expertise.
  
  

As Board-Level Focus on Cybersecurity Grows, Understanding of AI Impact Lags

When it comes to the board of directors’ understanding of cybersecurity’s role at their organization, the report revealed the following:

• Cybersecurity prioritization at the board level is on the rise with 76% of boards increasing their focus on the issue in 2024. Nearly all organizations now view cybersecurity as both a business (96%) and financial (95%) priority.
• Board members aren’t as aware of the potential risks that AI use poses to their organizations. Fewer than half (49%) of all respondents indicated their boards fully understand the risks posed by AI, with awareness closely linked to whether their organizations are already deploying AI in their cybersecurity programs.

Upskilling Remains a Focus in Addressing the Skill Gap

As the cyber skills shortage persists, other key findings from the report include:

• Certifications continue to be highly valued by employers. Eighty-nine percent of IT decision-makers prefer to hire candidates who hold certifications. Most respondents said certifications validate cybersecurity knowledge (67%), demonstrate an ability to stay current in a fast-evolving field (61%), and indicate familiarity with key vendor tools (56%).
• Organizational support for funding certifications has declined. Only 73% of respondents now say they are willing to pay for employees to obtain certifications, down from 89% in 2023.

Closing the Skills Gap Is Critical to Business Resilience

The makes clear that cybersecurity has become a board-level priority, driven by the rise of AI and the escalating risks to business operations. Closing the global skills gap remains essential. Organizations must rethink hiring practices, tap into underutilized talent pools, and invest in training and upskilling to build and retain the expertise they need. This requires a coordinated approach grounded in three key pillars: raising awareness and education, expanding access to targeted training and certification, and embracing advanced security technologies.

To help organizations address the challenges they face as a result of the cyber skills gap, the award-winning , one of the industry's broadest training and certification programs, is dedicated to making cybersecurity certification and new career opportunities available to all populations, including a  service for organizations to develop a cyber-aware workforce. The Security Awareness and Training service offers  enhance understanding of AI and the role it plays in cybersecurity, including an introduction to GenAI and curriculum around AI-powered threats, covering the various methods that cybercriminals use when harnessing AI to create and enhance cyberattacks.

Additionally, as part of Fortinet’s commitment to addressing this growing challenge, Fortinet is on track to train 1 million people in cybersecurity around the world by the end of 2026, since setting that pledge in 2021.

About the Fortinet Skills Gap Survey

• The survey was conducted among over 1,850 IT and cybersecurity decision-makers from 29 different countries and locations.
• Survey respondents come from a range of industries, including technology (22%), manufacturing (16%), and financial services (12%).

Additional Resources

• Learn more about the Fortinet Training Institute programs, helping address the cyber skills gap through upskilling and reskilling, and .
• Visit to learn about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products.
• Read about how are securing their organizations.
• Learn about , including its responsible product development and vulnerability disclosure approach and policies.
• Follow Fortinet on , , , and . Subscribe to Fortinet on our or .
  
  

About Fortinet

(Nasdaq: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The , one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with from both the public and private sectors, including Computer Emergency Response Teams (“CERTS”), government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. , Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at , the , and .

Copyright © 2025 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAgent, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR and Lacework FortiCNAPP. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.