Companies say they’re prioritizing cybersecurity, but lags in skills development, financial commitment persist for many
DOWNERS GROVE, Ill. – Cybersecurity is the top technology priority for the vast majority of organizations, but moving from aspiration to reality requires a top-to-bottom commitment that many companies have yet to make, according to new research released today by CompTIA, the nonprofit association for the technology industry and workforce.
CompTIA’s “State of Cybersecurity 2025” report reveals that cybersecurity is a primary or secondary priority for 98% of organizations. Yet only 25% of survey respondents feel that the overall direction of cybersecurity is improving dramatically, and only 22% characterize their organization’s cybersecurity efforts as completely satisfactory. Nearly 1,200 business and IT professionals across seven global regions were surveyed.[1]
“Something is missing, either in the approach organizations are taking or in their expectations around what ideal cybersecurity would look like,” said Seth Robinson, vice president, industry research, CompTIA.
Cybersecurity’s unique status as a business imperative at all organizational levels – staff, management, executives and governing bodies – may be the reason of the disconnect.
“Gone are the days when achieving cybersecurity improvement was a simple matter of purchasing updated technology,” Robinson explained. “Businesses must have ongoing discussions around their cybersecurity technology stack, processes that ensure protection of assets and an organizational structure that provides cutting-edge expertise.”
Cybersecurity expertise needed
The report identifies a growing need to build multiple layers of cybersecurity expertise. Among North American companies, 53% are considering new hiring as an option. An even greater percentage (56%) plan to pursue training for their current cybersecurity workforce, and 42% plan to offer cybersecurity certifications as a way of establishing core concepts within the team and extending skillsets into emerging focus areas.
Hiring and training require a financial commitment, though, and that remains a challenge for some. While a significant majority of respondents state that cybersecurity is a high priority at their firm, only 49% feel that it is relatively easy to procure funds for cybersecurity activities or that budgets are increasing.
“Developing skills is the most significant action companies may take in improving efficiency, but there are other options as well,” Robinson noted. “Increasing visibility and awareness among senior executives, establishing organizational imperatives and metrics and building policies that drive employee behavior will create a culture of cybersecurity.”
AI and cybersecurity
Artificial intelligence (AI) has the potential to accelerate, automate and complicate cybersecurity efforts. North American companies are evenly split between an emphasis on using AI internally to improve their defense and on learning about new forms of AI-enabled attacks. Current AI-enabled use cases include monitoring network traffic, generating defense tests and predicting future breaches.
CompTIA’s “State of Cybersecurity 2025” report is available at https://www.comptia.org/content/research/cybersecurity-trends-research.
About CompTIA
The Computing Technology Industry Association (CompTIA) is the world’s leading information technology (IT) certification and training body. CompTIA is a mission-driven organization committed to unlocking the potential of every student, career changer or professional seeking to begin or advance in a technology career. Millions of current and aspiring technology workers around the world rely on CompTIA for the training, education and professional certifications that give them the confidence and skills to work in tech. https://www.comptia.org/
Media Contact
Steven Ostrowski
CompTIA
[email protected]
+1.630.678.8468
[1] ANZ (Australia, New Zealand), ASEAN (Brunei Darussalam, Cambodia, Indonesia, Lao PDR, Malaysia, Myanmar, Philippines, Singapore, Thailand, Viet Nam ) Benelux (Belgium, Netherlands, Luxemburg), DACH (Germany, Austria, Switzerland), North America, and United Kingdom and Ireland.
Steve Ostrowski
Senior Director, Corporate Communications
(630) 678 - 8468
[email protected]
Roger Hughlett
Director, Corporate Communications
(202) 503 - 3644
[email protected]
Follow us on social media to keep up to date on CompTIA.
Download CompTIA logos and assets from our press releases to use in your article or write-up.
Access Now