As cyberthreats continue to escalate, organizations face the reality that security attacks are not just a possibility but a certainty. At the same time, an estimated global shortfall of more than 4.7 million skilled professionals leads to critical security roles being unfilled at a time when they are needed most.
These are from a new report from Fortinet. It is based on survey conducted by Sapio Research in February 2025 among 1,850 IT and cybersecurity decision-makers from 29 different countries and locations, including Singapore.
Survey respondents come from a range of industries, including technology (22%), manufacturing (16%), and financial services (12%).
Findings show that the volume of breaches organizations experience is increasing year over year. Among organizations, 92% experienced at least one cyber breach in 2024, with more than one-third (44%) reporting five or more.
These figures mark a significant increase from 2021, when 80% of organizations reported breaches, and only 19% faced five or more.
Also, the cybersecurity skills shortage is a key contributor to increased breaches. Among respondents, 54% indicated a lack of IT security skills and training as one of the leading causes of breaches in their organizations.
Further, financial ramifications of breaches remain significant. More than half (68%) of surveyed organizations say cyber incidents cost them over $1 million in 2024, consistent with the prior year’s findings and sharply up from 38% in 2021.
While AI offers critical relief amid ongoing cyber skills shortages, organizations may not yet be fully prepared to harness its potential securely.
This year’s survey found that security technology with AI capabilities has been widely adopted. All organizations surveyed are either already using or plan to implement AI-enabled cybersecurity solutions, with threat detection and prevention cited as the top areas of interest for applying AI in cybersecurity.
In addition, AI can help alleviate the burden on short-staffed security teams. Among cybersecurity professionals, 96% expect AI to enhance their roles, rather than replace them, offering efficiency and relief amid skills shortages.
While AI can help security teams, teams lack AI skillsets to unlock the technology’s full potential. A majority of those surveyed (80%) say AI is helping their IT and security teams become more effective, but 42% of IT decision makers point to a lack of staff with sufficient AI expertise as the biggest challenge to successful implementation.
When it comes to the board of directors’ understanding of cybersecurity’s role at their organization, the report revealed the following.
Cybersecurity prioritization at the board level is on the rise with 62% of boards increasing their focus on the issue in 2024. Nearly all organizations now view cybersecurity as both a business (96%) and financial (92%) priority.
Board members aren’t as aware of the potential risks that AI use poses to their organizations. Fewer than half (40%) of all respondents indicated their boards fully understand the risks posed by AI, with awareness closely linked to whether their organizations are already deploying AI in their cybersecurity programs.
