Hack The Box, a global provider of AI cybersecurity readiness solutions, has published its Cybersecurity Workforce Intelligence Report, outlining how AI is reshaping cybersecurity roles, influencing skill development, and changing the structure of security teams worldwide.
Drawing from anonymized data gathered from more than 702,000 cybersecurity professionals across 251 countries and territories, the report identifies a significant increase in demand for advanced AI-related cybersecurity capabilities and more collaborative workforce models. As organizations integrate AI into both offensive and defensive operations, the findings indicate that cybersecurity resilience will rely heavily on the expertise, flexibility, and preparedness of security professionals.
The report also points to a rapid rise in organizational investment focused on AI security competencies. AI penetration testing has emerged as one of the highest-priority training areas globally, reflecting the growing operational importance of securing AI-driven environments and systems.
“AI is creating a divide between teams that can operationalize it and those that can’t, and that divide directly translates into risk,” said Haris Pylarinos, Founder and CEO of Hack The Box.. “For CISOs, the challenge is ensuring their teams can operate effectively with AI, and without it when needed.”
AI Security Challenges Are Driving New Skill Priorities
Cybersecurity professionals are increasingly focusing on emerging AI-related threats, including prompt injection, machine learning model exploitation, and agentic AI attacks. According to Hack The Box training data, Prompt Injection represented 29% of completed challenges during the reporting period, followed by Machine Learning Model Exploitation at 24% and Agentic AI Hijacking at 12%, making them the most frequently addressed AI security domains in the dataset.
At the same time, the report identifies a growing convergence between offensive and defensive cybersecurity disciplines. The increasing overlap in training paths suggests organizations are moving away from siloed security functions toward more integrated, purple-team operating models. Practitioners are developing complementary skill sets that span attack simulation, validation, detection, and defense across the full cybersecurity lifecycle.
The findings further suggest that cybersecurity teams will increasingly be evaluated based on adaptability, decision-making, and cross-functional expertise. For CISOs, this means AI adoption alone is insufficient without ensuring teams possess the capabilities to assess, validate, and defend complex AI-enabled environments.
Hands-on, structured cybersecurity training programs are playing a central role in this transition. The report found that AI-focused training programs achieved a 64% completion rate, reinforcing the effectiveness of enterprise-led learning initiatives in accelerating advanced cybersecurity skill development.
The research also highlights the continued globalization of cybersecurity talent. India has emerged as a major cybersecurity talent hub alongside the United States, the United Kingdom, France, and Brazil. Together, these countries account for nearly 36% of the cybersecurity upskilling activity captured in the report.
Workforce Strategy Implications for CISOs
The report advises security leaders to reassess workforce development strategies to remain effective in an increasingly AI-driven threat landscape. Key recommendations include:
- Prioritizing AI security skills to address emerging attack vectors and secure AI-enabled systems
- Investing in integrated training programs that combine offensive and defensive cybersecurity expertise
- Expanding access to international talent pools to help address cybersecurity workforce shortages
- Supporting continuous, hands-on upskilling initiatives to maintain operational readiness
According to the report, enterprise-led cybersecurity training initiatives are producing stronger engagement and faster adoption of emerging skills than self-directed learning approaches.
The full report is available here.
____
About Hack The Box
Hack The Box is the leading cyber readiness platform for the agentic era, battle-testing and upskilling both humans and AI agents for organizational cyber resilience. Trusted by the Fortune 500, government agencies, and MSSPs, the platform delivers threat-informed learning paths consisting of real-world scenarios in gamified labs and live-fire simulations that build and validate offensive and defensive cyber capabilities. With a loyal community of more than 4 million members and 800+ enterprise customers, Hack The Box empowers teams and intelligent systems alike to strengthen cyber defenses and reduce breach risk effectively. For more information, visit hackthebox.com.
Join our LinkedIn group Information Security Community!
