Technology professionals are increasingly concerned about the shortage of AI security skills within organizations, according to learning platform provider O'Reilly.
In its 2024 State of Security Survey report, the company found that 33.9% of technology professionals reported a lack of AI security skills, especially related to emerging vulnerabilities like spot injection.
Survey respondents also ranked AI-powered security tools as a top priority for the coming year (34.4%), followed by security automation (28.2%). Evidence that automating cybersecurity defenses is a growing trend among security professionals.
A worrying gap in cloud security skills
AI security isn't the only area where technology professionals have identified a critical skills gap.
Although cloud computing has been around for two decades, nearly two in five (38.9%) respondents identified cloud security as the most important skills shortage.
While the need for some key security measures appears to be widely understood, with a majority (88.1%) of technology professionals adopting multi-factor authentication (MFA), 60.1% deploying endpoint security and 49.2% implementing a Zero Trust model, However, cloud security is still highly unprotected.
Continuous learning is a top priority for security training
The top two needs identified by participants as main reasons explaining these skills gaps were lack of security training and certifications.
Better security awareness training for all employees (40.1%) was identified as the most important step in improving an organization's security posture, outperforming additional staff and better security tools.
Although 51.3% of companies require certifications to hire, 40.8% of security team members are still not certified. This gap is wide among incident responders (70% non-certified) but smaller for CISOs (33.3% non-certified).
CISSP and CompTIA Security+ are the most sought-after and sought-after credentials.
However, these sources alone are no longer enough, as most security professionals admitted that they need to use other educational resources, such as online courses (88.8%), books (76.6%), and videos (75.2%), to survive. Stay up to date with the best developments. Emerging practices and threats
Laura Baldwin, President of O'Reilly, highlighted the need for organizations to stay on top of their security needs: “Our survey reveals a seismic shift in the security landscape – it is no longer just an IT concern, but an enterprise-wide imperative.
“While certifications like CISSP remain critical, we are seeing critical skills gaps in cloud security and AI. To truly protect our digital future, we need high-quality continuous learning that goes beyond test prep and empowers every employee to be an advocate.” On the front lines against evolving threats.
O'Reilly surveyed more than 1,300 technology professionals for this report.
Read more: Most cyber leaders fear that AI-generated code will increase security risks
