Eighty-four percent (84%) of cybersecurity professionals are starting to rely more on artificial intelligence (AI) to support their work, but many organizations still lack the skills needed to use the technology effectively, according to Fortinet’s 2025 Global Cybersecurity Skills Gap Report.
The report shows that companies are increasingly turning to AI to strengthen their security and address staff shortages, while also recognizing that the same technology can be used to launch more advanced cyberattacks. This risk is higher as many teams do not yet have enough AI expertise.
“This year’s survey shows how the cybersecurity skills gap continues to challenge organizations worldwide, including those in the Philippines,” said Bambi Escalante, country manager of Fortinet Philippines. “Organizations face rising breach incidents and greater financial impact when this gap remains unaddressed. The findings point to a crucial moment for both public and private sectors to take firm action to develop and retain cybersecurity talent. Risks and costs will continue to grow if action is delayed.”
Cyberattacks have become a certainty for most organizations. The report estimates a global shortage of more than 4.7 million skilled cybersecurity professionals, leaving key security roles unfilled. In the Philippines, 98% of organizations surveyed reported at least one cyber breach in 2024, with 34% saying they experienced five or more incidents. This is a clear increase from 2021, when 86% reported breaches.
Skills shortages remain a major reason for these incidents. Nearly half of respondents, or 49%, cited a lack of IT security skills and training as a leading cause of breaches in their organizations.
The financial impact is also significant. Almost half of surveyed organizations, or 47%, said cyber incidents cost them more than $1 million in 2024. While this figure is slightly lower than previous years, it still shows that breaches carry heavy business risks.
AI is widely seen as part of the solution. All organizations surveyed said they are already using or planning to use AI-enabled cybersecurity tools, mainly for threat detection and prevention. Cybersecurity professionals expect AI to improve their roles rather than replace them, helping teams work faster and manage heavy workloads.
However, the lack of AI skills is slowing progress. While 88% said AI is already making IT and security teams more effective, 64% of IT decision-makers pointed to insufficient AI expertise among staff as the biggest barrier to successful use.
At the leadership level, cybersecurity is gaining attention. Ninety percent (90%) of boards increased their focus on cybersecurity in 2024. All organizations now see it as a business priority, and 94% consider it a financial concern. Still, board awareness of AI-related risks is uneven. Only 66% of respondents said their boards fully understand the risks tied to AI use, often depending on whether AI is already part of security operations.
The report also highlights the continued importance of certifications. Eighty-two percent (82%) of IT leaders prefer candidates with certifications, seeing them as proof of up-to-date knowledge and familiarity with key tools. However, support for funding certifications has declined, with only 82% of organizations now willing to pay for them, down from 98% in 2023.
Fortinet said closing the cybersecurity skills gap will require changes in hiring, broader training, and sustained investment in people and technology as threats continue to grow.