Fortinet Report Warns India’s Cybersecurity Skills Gap Is Widening as AI Becomes Critical to Defending Against Rising Cyberattacks

Bangalore, November 26: Fortinet has released its 2025 Global Cybersecurity Skills Gap Report, highlighting the widening shortage of cybersecurity expertise in India and the growing dependence on AI tools to keep pace with escalating cyberthreats. While 82% of cybersecurity professionals expect AI to enhance their roles and ease workloads, most organisations acknowledge that they lack the AI skillsets required to use the technology securely and effectively.

The report notes that organisations are turning to AI to strengthen security postures even as cybercriminals weaponise the same technologies to launch more sophisticated attacks. The lack of cybersecurity awareness and training remains the top cause of breaches, and boards continue to struggle with understanding the strategic and operational implications of AI-driven risks.

Vivek Srivastava, country manager for India & SAARC at Fortinet, said the findings underline the urgent need to build and retain cybersecurity talent. “Without closing the skills gap, organizations will continue to face rising breach rates and escalating costs,” he said. “This is an inflection point for both public and private sectors.”

Breaches Rising, Shortage Deepening
According to the report, 92% of Indian organisations suffered at least one cyber breach in 2024, with 34% reporting five or more. While slightly lower than figures reported in 2021, the impact remains severe. Over half of surveyed organisations (54%) cited the lack of IT security skills and training as a primary contributor to breaches.

Financial losses remain steep: 60% of organisations reported that cyber incidents cost them more than USD 1 million in 2024—sharply up from 38% in 2021, though consistent with the prior year.

The report also points to a global deficit of 4.7 million cybersecurity professionals, resulting in critical security roles remaining unfilled even as attack volumes rise.

AI Adoption Growing, but Expertise Lags
Every organisation surveyed is already using or planning to implement AI-enabled cybersecurity solutions, with threat detection and prevention emerging as top use cases. A large majority (82%) of security professionals believe AI will augment their roles rather than replace them.

However, half of IT decision-makers surveyed (52%) cite a lack of AI expertise as the biggest barrier to effective AI adoption. Despite widespread deployment, 70% of organisations that experienced nine or more attacks in 2024 had AI tools in place, suggesting that technology alone is insufficient without specialised skills.

Board Focus Increasing but Gaps Remain
Board-level prioritisation of cybersecurity continues to rise, with 88% of boards increasing their focus in 2024. All organisations surveyed view cybersecurity as both a business and financial priority. Yet only 66% of respondents felt their boards fully understood the risks posed by AI tools, especially in organisations that have not yet integrated AI into their security programmes.

Certifications Highly Valued, Support Declining
Ninety-eight percent of IT decision-makers prefer to hire candidates with cybersecurity certifications, which they say validate technical knowledge, demonstrate currency in a rapidly evolving field and reflect familiarity with vendor tools. However, organisational support for funding certifications has dropped from 92% in 2023 to 82% in 2024.

Closing the Gap: Training, Awareness and Technology
The report stresses that bridging India’s cybersecurity talent gap is essential for business resilience. Organisations must rethink hiring, expand access to targeted training and invest aggressively in upskilling.

Fortinet highlighted the role of the Fortinet Training Institute—one of the industry’s broadest certification programmes—in expanding access to cybersecurity careers. The institute offers AI-focused Security Awareness Training modules, covering GenAI, AI-powered cyber threats and evolving attack methodologies. Fortinet remains on track to train 1 million people in cybersecurity globally by 2026, a pledge it made in 2021.

The 2025 report is based on responses from more than 1,850 IT and cybersecurity decision-makers across 29 countries, representing sectors including technology, manufacturing and financial services.