The Cybersecurity Workforce Intelligence Report by Hack The Box examines the impact of AI on cybersecurity skills, career pathways, and team structures. It is based on data from more than 702,000 cybersecurity professionals across 251 countries and identifies an increase in AI-related skills and more integrated team models. The report links this trend to organisations increasing investment in AI security capabilities, including AI penetration testing.
It notes that cybersecurity professionals are focusing on emerging risks such as prompt injection, model exploitation, and agentic AI attacks. Prompt injection appears as the most frequently addressed area, accounting for 29% of completed exercises. According to the report, traditional role boundaries are becoming less distinct, with greater overlap between offensive and defensive training and increased use of combined “purple-team” approaches across the attack and defence lifecycle.
The findings indicate that performance in cybersecurity roles may depend increasingly on adaptability, judgement, and cross-functional skills alongside the use of AI tools. As professionals develop capabilities across multiple domains, the report associates this with improved ability to respond to complex environments. It also highlights the role of structured, hands-on training, reporting a 64% completion rate for AI-focused training, suggesting engagement with organisation-led learning.
The report also describes changes in the global cybersecurity workforce, with countries such as India identified as growing talent hubs alongside established contributors including the United States, United Kingdom, France, and Brazil. These countries collectively represent a large share of the upskilling activity reflected in the dataset.
Implications for CISOs:
- Develop AI security capabilities to address evolving attack vectors and support AI-based systems.
- Invest in training programmes that combine offensive and defensive cybersecurity approaches.
- Access and develop talent across global workforce hubs to address skills shortages.
- Maintain ongoing practical training to support operational resilience in environments increasingly influenced by AI.
The report also indicates that a combination of structured training programmes and access to global talent pools is associated with higher engagement and faster skill development.
