{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreiafgswdg5lan5owz37357wpjz7s4oazvlqdkrvlqous3a2jkpexsi",
"uri": "at://did:plc:qzjwstutqk2cy7df7jbzd2hx/app.bsky.feed.post/3mmci3nnvvtn2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreicgheqkrwcg37xaqtjq5bch3gr4jcxsss4i27aetnk4xqf3vnd2oi"
},
"mimeType": "image/jpeg",
"size": 8920781
},
"path": "/article/4174188/ai-reshapes-cybersecurity-workforce-priorities-as-it-teams-brace-for-new-risks.html",
"publishedAt": "2026-05-20T15:02:09.000Z",
"site": "https://www.networkworld.com",
"tags": [
"Careers, IT Jobs, IT Skills and Training, Network Security, Security",
"cybersecurity operations",
"Hack The Box",
"ISC2",
"Hack The Box’s Cybersecurity Workforce Intelligence Report",
"ISC2’s latest workforce research",
"Haris Pylarinos",
"statement",
"AI-related security",
"cybersecurity",
"Automation"
],
"textContent": "Artificial intelligence is reshaping cybersecurity operations, workforce development, and enterprise risk management, according to separate research reports from Hack The Box and ISC2, which found that organizations are embracing AI security tools while they are also preparing for new AI-enabled threats.\n\nHack The Box’s Cybersecurity Workforce Intelligence Report found that AI penetration testing now ranks among the top global cybersecurity training priorities, while ISC2’s latest workforce research shows AI is viewed as both the technology most likely to improve security and the one most likely to increase risk.\n\n“AI is creating a divide between teams that can operationalize it and those that can’t, and that divide directly translates into risk,” said Haris Pylarinos, founder and CEO of Hack The Box, in a statement. “For CISOs, the challenge is ensuring their teams can operate effectively with AI, and without it when needed.”\n\nThe Hack The Box report is based on anonymized data from more than 702,000 cybersecurity professionals across 251 countries, and it revealed that prompt injection attacks accounted for 29% of solved AI-related security challenges on its platform, followed by machine learning model exploitation at 24%, and agentic AI hijacking at 12%. According to Hack The Box, those attack categories reflect growing concern over threats targeting AI models and autonomous systems directly.\n\n“Training data signals a clear shift toward AI-driven attack vectors, highlighting where the next generation of cybersecurity risks is emerging,” the report states.\n\nThe Hack The Box report also found that AI penetration testing ranked No. 4 globally among cybersecurity training interests and that enterprise-led AI security training completion rates reached 64% in late 2025. “Cybersecurity skill development is shifting toward a continuous, integrated model where offensive insights and defensive capabilities evolve together,” the report states. “Cybersecurity training participation reflects an increasingly global workforce.”\n\nThe ISC2 workforce study, which is based on responses from 16,029 cybersecurity professionals, also found that respondents consider AI as both a tool and a risk. A few key findings from the ISC2 workforce study are:\n\n * 52% of cybersecurity professionals said AI will have the greatest negative impact on security\n * 41% said AI will have the greatest positive impact.\n * 51% of respondents ranked AI-powered social engineering as the top cybersecurity challenge.\n * AI-powered social engineering concerns rise to 57% over the next two years.\n\n\n\nAgentic AI ranked high among perceived future risks. ISC2 researchers said agentic AI debuted this year as both a top-five positive and negative technology influence.\n\n“This dual ranking underscores a reality that cybersecurity professionals are grappling with now: AI is not a single-dimensional tool,” the ISC2 report stated. “It is simultaneously an accelerator for defenders and a force multiplier for adversaries.”\n\nRespondents identified the top emerging technologies and architectures that will have the most positive impact on securing assets and organizations:\n\n * AI: 41%\n * Automation in cybersecurity: 35%\n * Zero trust: 33%\n * Passwordless authentication: 22%\n * Agentic AI: 21%\n * Risk-based vulnerability management: 21%\n\n\n\nWhen asked about the technologies that will have the most negative impact, AI topped the list again with 52% of respondents.\n\n“As AI moves from experimentation into operational reality, its impact is becoming more tangible,” the ISC2 report stated. “Unlike other technologies whose influence appears to be stabilizing, AI continues to intensify conversations around risk, responsibility, and readiness.”\n\nThe studies also suggest AI is driving changes in how cybersecurity teams are structured. Hack The Box found an overlap between offensive and defensive security skill development. Defensive practitioners increasingly participate in offensive training exercises, while offensive security professionals are also building defensive expertise, according to the research.\n\nISC2’s research also highlighted mounting concern about workforce preparedness as AI-driven attacks become more sophisticated. AI-powered social engineering attacks ranked as the top cybersecurity challenge professionals faced over the past 12 months, cited by 51% of respondents. That number rises to 57% when respondents look ahead to the next two years.\n\nThe reports suggest security leaders view AI-enabled phishing, impersonation, and deception campaigns as more immediate threats than traditional workforce shortages or compliance burdens, which have historically dominated cybersecurity workforce surveys. For CISOs, the research points toward several emerging priorities: investing in AI security skills, adopting continuous hands-on training programs, and expanding global talent pipelines to address persistent workforce shortages.\n\n“For many teams, the challenge is no longer whether AI will shape security outcomes, but how quickly they can adapt alongside it,” the ISC2 report stated.\n\n\n",
"title": "AI reshapes cybersecurity workforce priorities as IT teams brace for new risks"
}