The report indicates that 38.9% of respondents identified cloud security as the area with the greatest skills shortage.
This result indicates that many organizations still struggle to effectively secure their cloud-based infrastructure and services.
Therefore, as businesses continue to migrate their operations to the cloud, this expertise gap could potentially leave them vulnerable to cloud-specific security threats.
Emerging priorities and persistent threats
Looking ahead, the report states that AI-powered security tools are the top priority for the coming year, with 34.4% of respondents highlighting this area.
Security automation follows closely at 28.2%, signaling a strong push toward automated cybersecurity defenses.
However, despite the focus on advanced technologies, the survey reveals that traditional threats remain predominant.
For example, phishing, a technique in which attackers use deceptive communications to trick individuals into revealing sensitive information, remains the top security concern for 55.4% of respondents.
This is followed by network intrusions (39.9%) and ransomware (35.1%).
Network intrusion is unauthorized access to a digital network, often to steal data or cause damage, while ransomware is malware that encrypts files and demands payment for their release.
The persistence of these “low-tech” threats perhaps highlights the importance of comprehensive employee training and awareness programs.
Certification and continuing education
The report also highlights a notable gap in security certifications among professionals.
While 51.3% of companies require certifications for hiring, 40.8% of security team members are still not certified.
This gap is particularly pronounced among incident responders, with 70% lacking certifications.
However, the survey also reveals a strong emphasis on continuing education within the industry.
The report states that 80.7% of employers require continuing education for security professionals, and 32.2% require 41 hours or more per year.