The critical role that partnerships play in shrinking the cyber skills gap

Organizations everywhere are facing a perfect storm of cybersecurity challenges. As AI accelerates the volume and velocity of threats, sophisticated technology and skilled human analysts are vital to building an effective defense. Digital transformation initiatives are creating an expanding attack surface of endpoints that teams must secure, often while operating with outdated infrastructure and constrained budgets. Regardless of the unique challenges an entity faces, executives are concerned—72% of leaders report an increase in cyber risks at their respective organizations, and nearly half are worried about significant disruption to their operations.

While businesses grapple with this new reality, security leaders around the world face additional and distinct challenges that differ from their American counterparts, particularly in developing nations. The skills gap continues to widen, with nearly 5 million professionals needed to fill vital roles worldwide—a 19% increase from 2023. Some regions struggle with limited IT education resources and training opportunities, making finding or upskilling talent even more difficult. In addition to finding the right practitioners, many leaders say they lack the necessary resources to help existing employees advance their skills. More than a quarter (26%) noted the difficulty of retaining individuals with in-demand skill sets, and 22% said they struggle to provide professional development opportunities for their existing employees.

Beyond staffing-related hurdles, changing regulatory requirements, aging infrastructure, a general lack of connectivity (or 5G deployment challenges), and limited modernization resources have significant implications for business leaders and security professionals in many regions. All of these factors must be considered as we work together to find solutions for building the global cybersecurity talent pipeline.

A scalable, sustainable approach to developing cybersecurity talent

I recently attended the second annual Global Conference on Cyber Capacity Building (GC3B) in Geneva, Switzerland, hosted by the Swiss Federal Department of Foreign Affairs and in collaboration with the Global Forum on Cyber Expertise. While conversations spanned a variety of topics related to cybersecurity capacity building, talent development was a recurring discussion theme.

One of the event’s keynote speakers said it best: “Building cyber capacity is not just about technology; it’s about people. We can build all the capacity in the world, but if we do not have the workforce to implement and manage it, then it will do more harm than good.” Another participant reiterated this sentiment, saying that the decisions countries make regarding cyber workforce development will “not only determine who thrives, but who survives.”

Much like the threat landscape that defenders must navigate daily, developing a sustainable cybersecurity talent pipeline presents unique challenges, spanning from conceptual planning to real-world implementation. And while there is no one-size-fits-all approach, there are numerous frameworks and existing partnerships designed to address this issue that we can look to for best practices. For example, the World Economic Forum’s 2024 Strategic Cybersecurity Talent Framework outlines the distinct yet interconnected components of developing and managing cybersecurity talent. The framework offers actionable solutions for attracting talent, training and upskilling the current workforce, and recruiting and retaining the right talent.

And just last month, the World Economic Forum published additional guidance on how public-private partnerships can help develop the global cyber workforce, addressing the growing cyber inequity across organizations, sectors, and economies. By drawing on shared expertise, these public-private partnerships can create new employment pathways and play a vital role in shrinking the cyber talent gap, especially in regions that don’t typically have the funding or infrastructure to attract seasoned security practitioners.

Building the cyber talent pipeline through partnerships: a real-world example

Fortinet’s work in Morocco offers an example of how uniquely crafted partnerships can help develop cyber-talent pipelines, particularly in under-resourced regions. Through the “Code 212” initiative, Fortinet works with two ministries and 12 Moroccan universities, integrating hands-on cybersecurity training for students across many disciplines. We recently completed a week-long train-the-trainer session with 29 professors representing all 12 of the universities. These “Code 212 schools” are preparing over 100,000 young people each year for digital careers, supporting Morocco’s broader capacity-building goals.

Cybersecurity capacity building requires ongoing collaboration

The growing complexity of today’s threat landscape shines a light on cyber inequity, leaving certain regions especially vulnerable. By working together across borders and sectors, we can develop effective and practical solutions that make the resources, technologies, knowledge, and talent more accessible to strengthen their defenses.

Like most challenges in cybersecurity, no nation or organization can successfully tackle capacity building alone. We need coordinated, ongoing partnerships among industry, academia, nonprofits, and government agencies. It requires scalable and sustainable models and demands that we reframe how we think about qualifications for cyber jobs, placing real value on skills, experience, certifications, and alternative educational pathways.

Read more about the vital role that public-private partnerships play in building the cyber workforce of tomorrow in this blog post.