Exclusive: AI is widening cybersecurity workforce skills gap, Accenture says
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Aïda Amer/Axios
Companies are racing to secure AI systems, but many are still hiring cybersecurity workers using job descriptions, career ladders and training programs built before the AI boom.
Why it matters: Fending off AI-powered hacks expected from advanced AI models will require a new vision for how employers train, hire and retain cybersecurity talent.
The big picture: High burnout rates and extensive training requirements have left the cybersecurity industry scrambling for decades both to bring in entry-level workers and retain existing talent.
- "It's really not a shortage that we have anymore, it's a mismatch," Vikram Desai, global cybersecurity strategy and risk lead in Accenture's cybersecurity practice, told Axios.
Zoom in: Companies' growing reliance on AI systems is poised to exacerbate the problem, Desai said.
- Desai said employers will increasingly look for cyber professionals who can adapt to new systems and exercise judgment when evaluating emerging threats.
- Retaining workers will require prioritizing new AI-powered defense tools and upskilling employees so they don't seek out such opportunities elsewhere.
By the numbers: 59% of open cybersecurity roles require job candidates to have a combination of technical skills and strategic business savvy, according to Accenture's analysis of more than 550,000 cybersecurity job postings and professional online profiles around the world.
- But only 40% of cybersecurity professionals currently have both skillsets, per the report.
- At the same time, demand for AI-related cybersecurity skills has increased 2.5x since 2020, underscoring how quickly employers' needs are changing.
- Accenture's review covered listings and online resumes posted between Oct. 2024–Oct. 2025.
Between the lines: Many companies still view cybersecurity leaders as technical specialists rather than business executives, a perception that may complicate efforts to build the business-savvy workforce employers increasingly say they need.
- At a recent lunch with board directors representing dozens of companies, Desai said only a few hands went up when he asked whether they viewed the CISO as a true member of the C-suite.
Yes, but: Security leaders are being asked to invest simultaneously in AI tools, workforce training and retention programs at a time when many companies remain under cost pressure and face competing technology priorities.
- Teaching a security analyst how a pharmaceutical supply chain works or teaching a business leader how to assess cyber risk could take years.
- Meanwhile, the average tenure of a cybersecurity employee has shrunk from 3.3 years to 1.8 years in the last decade, according to the report.
What to watch: Accenture anticipates AI will generate more demand for jobs in AI governance, securing AI models and threat intelligence, Desai said.
- "I use these frontier models to do a lot of the things that I do in my role, but even as they get more and more advanced, I'm seeing that [AI] still doesn't have judgment, it doesn't have context, it doesn't have experience."
Go deeper: Tapping the powers of Mythos-like models still requires human intervention
