The global cybersecurity sector is facing a critical shortage of skilled professionals, according to the World Economic Forum (WEF).
In its “Global Cybersecurity Outlook 2025,” the WEF noted that this persistent cyber skills gap continues to pose significant challenges for organisations striving to build resilient operations.
Estimates place the global shortfall at between 2.8 million and 4.8 million cybersecurity professionals, worsening vulnerabilities to cyberattacks. The report notes that over two-thirds of organisations remain inadequately protected due to insufficient access to critical expertise.
The WEF’s survey revealed that while 39 percent of organisations identify skills shortages as a major barrier to resilience, only 14 percent report having the necessary talent to meet their cybersecurity objectives. The problem is particularly pronounced in the public sector, where 49 percent of organisations acknowledge a workforce deficit in cybersecurity, an alarming 33 percent increase from 2024.
According to the WEF, the next-generation cybersecurity workforce must possess skills in operating AI and defending against it.
Read also: Top ten payment trends for 2025
“Artificial intelligence (AI) is emerging as both a challenge and an opportunity in the cybersecurity workforce and so skills in operating AI systems and defending against AI-driven threats grow increasingly vital,” it said.
Notably, organisations are adopting diverse strategies to bridge the cybersecurity skills gap. According to the WEF report, “76 percent are upskilling current employees, 54 percent are recruiting experienced professionals, 25 percent expect employees to upskill independently,24 percent are promoting apprenticeship programmes, and 23 percent are recruiting talent from non-traditional backgrounds, such as law, finance, and communications.”
As the cybersecurity sector becomes more integrated into broader business strategies, professionals who can translate technical details into actionable insights for stakeholders are increasingly valued. Effective communication and storytelling are emerging as critical skills in this field.
In April 2024, the WEF introduced the Strategic Cybersecurity Talent Framework, providing actionable strategies for building sustainable talent pipelines. The framework emphasised enhancing public understanding of cybersecurity roles, reducing barriers to entry, and promoting diversity within the workforce. It also called for rethinking recruitment practices, such as eliminating unrealistic job requirements and improving coordination between hiring managers and HR departments.
Retention, however, remains a critical issue. A 2023 Gartner report estimated that by 2025, nearly half of the cybersecurity leaders would switch jobs, while 25 percent would leave the field entirely due to work-related stress. Research by Proofpoint showed that 66 percent of Chief Information Security Officers (CISOs) feel organisations place excessive demands on them, with burnout affecting over half the past year.
Chuck Robbins, Chair and Chief Executive Officer of Cisco emphasised the need for collective action, “Technology is pervasive in all of our lives, and in the era of AI, the threat surface is expanding rapidly, creating an even greater need for advanced cybersecurity.
“We must close the growing cyber skills gap by focusing on training, reskilling, recruiting, and retaining cybersecurity talent. The technology sector has an important role to play, and Cisco is proud of our longstanding skills-to-jobs programme, Cisco Networking Academy, which works to close this gap.”