AI Reshapes Cybersecurity Workforce Priorities as IT Teams Brace for New Risks

Artificial intelligence has moved from experimental labs into the daily operations of security teams, prompting a rapid shift in workforce priorities. Recent research from Hack The Box, which surveyed over 702,000 professionals in 251 countries, shows AI‑driven penetration testing now ranks fourth among global training interests, while enterprise AI‑security course completion reached 64% by late 2025. Parallel findings from ISC²’s study of 16,029 cyber experts confirm that AI is simultaneously hailed as the most promising defensive technology and the greatest source of new risk. This dual perception is forcing CISOs to rethink talent strategies and budget allocations.

The reports also expose a changing threat landscape. Prompt‑injection attacks accounted for 29% of AI‑related challenges on Hack The Box’s platform, followed by model exploitation and agentic AI hijacking. ISC² respondents flagged AI‑powered social engineering as the top concern, with 51% already experiencing it and expectations rising to 57% within two years. Agentic AI, a nascent capability that can act autonomously, appears on both the positive and negative lists, underscoring its potential to amplify attacker effectiveness while offering defensive automation. These trends signal that adversaries are weaponizing AI faster than many organizations can adapt.

To stay ahead, security leaders must close the operational divide between teams that can harness AI and those that cannot. Both studies recommend continuous, hands‑on training that blends offensive and defensive skill sets, effectively turning traditional silos into collaborative units. Expanding global talent pipelines and investing in AI‑focused curricula are essential to mitigate the chronic cybersecurity workforce shortage. As AI tools become integral to risk management, organizations that rapidly upskill their staff and embed AI literacy across the board will gain a decisive advantage in defending against sophisticated, AI‑enabled attacks.