IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Worried executives boardroom empty chair cybersecurity leader digital illustration
#
Digital Transformation
#
SOCs
#
AI

Fortinet report finds boards resist cyber hiring push

Wed, 29th Apr 2026 (Today)
Author image
By Sean Mitchell, Publisher

Fortinet has published its 2026 Global Cybersecurity Skills Gap Report, which found that many IT leaders face resistance when seeking approval to hire more cybersecurity staff.

The survey of more than 2,750 IT and cybersecurity decision-makers across 32 countries points to a labour market that remains tight as breach costs rise and companies adopt more artificial intelligence in security operations. It suggests boards broadly recognise cyber risk, but support for extra headcount often lags behind the scale of the threat.

Among the headline findings, 86 per cent of organisations said they had suffered at least one breach in the previous 12 months. More than half, 52 per cent, put the cost above USD $1 million, up from 38 per cent in 2021. Respondents in North America reported an average breach cost of USD $2 million.

Skills shortages remain central to the problem. For the third year in a row, 56 per cent of IT leaders identified a lack of cybersecurity skills as a leading cause of breaches. At the same time, 51 per cent said senior-level cybersecurity expertise was their greatest hiring need, while 49 per cent struggled to secure approval for additional staff.

The report also links cyber incidents to personal accountability at senior levels. Half of respondents said executives and board members had faced penalties after a cyberattack, underlining how cyber risk is now treated as a governance issue as well as an operational one.

AI pressure

Artificial intelligence adds a new layer of complexity. As companies introduce AI tools into security teams, many remain uncertain about how to govern the technology and guard against misuse by staff and attackers.

Only 50 per cent of leaders said their board members were fully aware of the risks linked to employee use of AI. Over the next three years, 63 per cent expected a greater need for AI oversight and governance roles within cybersecurity teams.

Use of AI tools in cyber defence is already widespread. The survey found that 91 per cent of respondents were using or experimenting with AI-based cybersecurity tools, and 84 per cent said those tools were helping IT and security teams work more effectively and efficiently. Even so, concern remains high, with 44 per cent citing defence against AI-enabled cyberattacks as a top issue.

Recruitment is also becoming more specialised as companies seek people who can work with these systems. Six in 10 respondents said their biggest hiring challenge was finding cybersecurity staff with specific AI experience.

Carl Windsor, Chief Information Security Officer at Fortinet, said: "Cybersecurity is not simply a technical issue but a strategic business risk. This year's survey suggests that while boards generally recognise the importance of cybersecurity, more investment is needed to address key issues, such as emerging AI risks and the ongoing cybersecurity skills shortage. Addressing these issues is critical to business resilience in an increasingly complex threat landscape."

Training shift

Although many organisations are struggling to add staff, the findings point to a stronger focus on training and certification. Some 92 per cent of respondents said they would pay for an employee to become certified, up from 73 per cent in the previous report.

That shift extends to AI-related learning. Another 92 per cent said they were likely to invest in AI-related cybersecurity training or certifications over the next 12 months. Organisations also reported a need for new skills in AI model development, AI tool oversight and security automation.

Internal retraining appears to be part of the response. The report found that 59 per cent of organisations were developing internal training or reskilling programmes to support AI adoption, while 52 per cent were buying training or reskilling services from external vendors.

There are also signs that employers are widening their search for talent. The survey found that 92 per cent use internships, apprenticeships, partnerships and other programmes to reach underrepresented groups, while 71 per cent have formal hiring targets for underused talent pools.

Regional view

The same issues are evident in Australia and New Zealand, where companies are dealing with the dual challenge of longstanding skills shortages and faster AI adoption.

Cornelius Mare, Chief Information Security Officer for Australia at Fortinet, said: "Organisations across Australia and New Zealand continue to face a persistent cybersecurity skills gap, and this is now being compounded by the rapid adoption of AI."

He said the pressure on local security teams is growing. "While many organisations are starting to use AI-powered security tools, there is still a clear gap in the skills needed to use these technologies effectively and securely. At the same time, attackers are moving quickly, which puts additional pressure on already stretched security teams."

Mare said companies would need to combine workforce development with technology investment. "For local organisations, this highlights the need to invest in both people and technology. Building internal capability, alongside adopting AI-enabled security operations, will be critical to improving resilience and reducing risk in an increasingly complex threat landscape."

Related stories
Australian inflation eases, but RBA tightening looms
Gigabyte launches glossy 27-inch OLED gaming monitor
NCS unveils AI partnerships for public safety in APAC
SCX joins Equinix Fabric in Australian AI expansion
AI advances are reshaping cyber risk, experts warn

Top stories

Logitech expands MX software tools across more devices
Australian mid-sized firms gain from AI, but skills lag
InDebted founder steps back as chief executive search begins
AI PC adoption moves from pilots to workplace rollout
Bloomberg launches 36 Australian equity benchmarks