The top three most important soft skills needed by security professionals are critical thinking (57%), communication (56%), and problem solving (47%).

The percentage of respondent enterprises that provided training to allow nonsecurity staff to move into security roles dropped considerably, from 41% last year to just 29% this year.

The top method to address technical skill gaps is increasing usage of contract employees or outside consultants (30%), which is a decline from 36% last year.

Prior hands-on cybersecurity experience is considered very important by 60% of respondents, marking a decline from 73% last year.

Soft skills are the largest reported skill gap in cybersecurity, increasing from 51% in 2024 to 59% in 2025.

In Singapore, 59% of respondents stated the cybersecurity skills gap within their organization has worsened over the past 12 months.

Singapore reported the highest concern with lack of in-house expertise with tools, at 39%.

In Germany, 51% of respondents stated the cybersecurity skills gap within their organization has worsened over the past 12 months.

49% of respondents state the cybersecurity skills gap within their organization has worsened over the past 12 months.

In the U.S., 63.5% (14% points above the average) of respondents stated the cybersecurity skills gap within their organization has worsened over the past 12 months.

35% report lacking the internal skills to build or maintain workflows.

31% of financial organisations are turning to regional security partnerships to address the skills gap.

39% of financial organisations are turning to reskilling to address the skills gap.

More than half (52%) of financial organisations plan to outsource to address the skills gap.

57% of Canadian organisations cite skills shortages as a common barrier to GenAI adoption .