The report notes that 38.9% of respondents identified cloud security as the area with the greatest skills shortage.
This finding indicates that many organizations are still struggling to effectively secure their cloud infrastructure and services.
Therefore, as companies continue to migrate their operations to the cloud, this experience gap may leave them vulnerable to cloud-specific security threats.
Emerging priorities and persistent threats
Looking to the future, the report indicates that AI-powered security tools are the top priority for the coming year, with 34.4% of respondents highlighting this area.
Security automation comes in next at 28.2%, indicating a strong push toward automated cybersecurity defenses.
However, despite the focus on advanced technologies, the survey reveals that traditional threats are still prevalent.
Phishing, a technique in which attackers use deceptive communications to trick individuals into revealing sensitive information, remains the top security concern for 55.4% of respondents, for example.
This is followed by network compromise (39.9%) and ransomware (35.1%).
A network intrusion is unauthorized access to a digital network, often to steal data or cause damage, while ransomware is malware that encrypts files, and demands payment in exchange for launching it.
The persistence of these “low-tech” threats highlights the importance of comprehensive employee training and awareness programs.
Certification and continuous learning
The report also highlights a notable gap in security certifications among professionals.
While 51.3% of companies need certifications to hire, 40.8% of security team members are still not certified.
This discrepancy is particularly evident among incident responders, 70% of whom lack certification.
However, the survey also reveals a strong focus on continuous learning within the industry.
The report indicates that 80.7% of employers mandate continuing education for security professionals, with 32.2% requiring 41 or more hours per year.
