Fortinet has released its 2025 Global Cybersecurity Skills Gap Report, highlighting persistent and emerging challenges faced by Indian organisations as they battle tightening talent shortages and rising cyber risks.
As enterprises increasingly turn to AI-powered technologies to strengthen their security postures and compensate for talent gaps, a growing concern is that the same tools may also be exploited by cybercriminals. The report identifies a critical shortage of AI skillsets within security teams, which, according to Fortinet, could undermine the effectiveness of these advanced technologies if not addressed through focused training and awareness initiatives.
“This year’s survey further underscores the urgent need to invest in cybersecurity talent,” said Vivek Srivastava, Country Manager, India & SAARC at Fortinet. “Without closing the skills gap, organisations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors—without bold action to build and retain cybersecurity expertise, the risk to business resilience and societal trust will only grow.”
The data presents a stark picture. According to the report, 92% of Indian organisations suffered at least one cyber breach in 2024, with nearly 34% reporting five or more breaches during the year. While this marks a marginal improvement compared to initial findings in 2021, the overall trend confirms that threat volumes remain high. More than 54% of respondents identified inadequate IT security skills and training as one of the primary contributors to these incidents.
Beyond the operational disruptions, the financial impact of cyberattacks continues to intensify. The report reveals that 60% of organisations incurred losses exceeding $1 million in 2024 due to cyber incidents—an alarming jump from 38% in 2021—indicating that the cost of inaction on the skills front is escalating rapidly.
AI, while seen as a powerful ally, is a double-edged sword. Encouragingly, 82% of cybersecurity professionals believe AI will enhance their roles rather than replace them, enabling faster threat detection, automated responses, and improved efficiency. In fact, all surveyed organisations are either already using or planning to implement AI-enabled cybersecurity solutions, with a strong focus on threat detection and prevention. Yet, more than half of IT decision-makers (52%) cite the lack of AI expertise in their teams as the biggest obstacle to unlocking the full potential of these technologies.
The growing focus on cybersecurity is also becoming more visible at the board level. In 2024, 88% of boards increased their prioritisation of cybersecurity, with organisations now viewing it as both a critical business and financial imperative. However, the report notes a gap in understanding when it comes to AI-driven risks. While 66% of respondents say their boards understand the risks posed by AI, this awareness is often limited to organisations already deploying AI in their security environments.
Upskilling is therefore emerging as a central pillar in closing the gap. Certifications continue to hold significant value, with 98% of IT leaders preferring to hire candidates holding relevant credentials. These certifications are seen not only as validation of technical competence, but also as proof of an individual’s commitment to staying current in a rapidly evolving field. Despite this, organisational support for funding certifications has dipped, with only 82% now willing to sponsor employee certifications, compared to 92% in 2023.
To support organisations in addressing this challenge, Fortinet’s Training Institute continues to expand its global initiatives, offering one of the industry’s most comprehensive cybersecurity training and certification portfolios. Its Security Awareness and Training service includes AI-focused modules covering GenAI, AI-powered threats, and the evolving tactics used by cybercriminals. As part of its long-term commitment, Fortinet is also progressing toward its goal of training one million people in cybersecurity by the end of 2026.
The survey, conducted among 1,850+ IT and cybersecurity decision-makers across 29 countries, reinforces a clear message: in an era of AI-driven threats and digital dependence, closing the cybersecurity skills gap is no longer optional—it is foundational to business resilience and national digital security.
thanks