Agentic AI
,
Artificial Intelligence & Machine Learning
,
Next-Generation Technologies & Secure Development
ISC2 Survey Says AI Skills Top Training Agendas, But Teams Need to Act Quickly
Artificial intelligence is reshaping the way cybersecurity teams are learning on the job, and AI has moved to the top of the training priority checklist, according to the 2026 Security Training Trends report from ISC2.
See Also: AI Agents Introduce a New Insider Threat Model
The survey found that AI skills are the most important training need for 47% of security leaders, ahead of cloud computing security, security analysis or risk assessment. With 40% of respondents saying they expect AI advancements to drive new training needs over the next year, demand for training is expected to increase. Agentic AI advancements were cited by 28% of respondents, followed by automation in cybersecurity at 24%. ISC2 surveyed 995 security leaders at manager level or above across enterprise organizations in the United States, United Kingdom, Canada, Germany, India and Japan.
The speed and ubiquity of the AI transition sets it apart from previous technology shifts that security teams have had to manage, such as cloud migrations where teams had a longer on-ramp and a more predictable road map, said Casey Marks, chief operating officer at ISC2.
“We don’t even know what we need yet,” Marks said. “It’s anything and everything AI – tools, training, practices – to the point that we don’t even know what we need yet.”
That uncertainty is driving a move away from generic, vendor-supplied curriculums to developing AI training in house that focuses on the organization’s specific tools, configurations and use cases. The survey found that 63% of organizations now develop and deliver security training exclusively or mostly in house, and only 9% say they rely on third-party providers.
“You can actually say this is how we’re doing it here, and this is how we do it at home, and we can build our training based on that environment,” he said.
As AI tools are distributed across the enterprise, CISOs will play an important role in making sure that training is a priority for the organization, Marks said. More than half of security leaders (54%) say new technology adoption is what triggers a training need in the first place.
“You need to be able to walk the walk and talk about the forthcoming risks you would anticipate,” he said, adding that training should be part of the implementation of new AI products.
While the need to get teams up to speed on AI technologies and security is paramount, the cybersecurity skills gap is growing across the board and 59% of security leaders said they had critical or significant skills needs on their teams, up from 44% last year. Nearly all said their teams had gaps, and 95% identified at least one skills need, up from 90% last year.
Marks said AI is at the heart of skills gaps across the board, as it touches everything from cloud security to risk management and beyond. “We could just be honest and say AI,” he said, “because all of those things are going to be impacted by AI, native and otherwise.”
The 2026 training data also exposed regional differences in organizational priorities. More than half of U.K. security leaders (55%) and U.S. respondents (54%) said AI was the top training priority, but that figure was lower in India (47%), Canada (46%), Germany (43%) and Japan (40%). India and Japan were the only countries in which AI didn’t rank as the number one priority. Cloud computing security topped the list in India, while security analysis led in Japan, where SecOps also appeared as a distinct training priority not seen elsewhere.
Marks said much of this variation relates to market maturity – not a different appetite for AI or risk. In markets with higher level security functions already well established, training priorities tend to follow whatever a CIO or CISO is currently focused on, which increasingly means AI, he said. But the tide should turn quickly. “I don’t think you’re going to see that forever,” he said. “I think you’re going to see that change pretty rapidly in a pretty short period of time.”
Organizations cite training as a priority, and 73% of security leaders said their organization’s training budget had increased in the last 12 months, but the availability of financial resources isn’t enough to get the job done. Only 29% say they don’t have enough budget to implement training.
But in today’s heightened threat environment with continual advancements in AI, the greatest obstacle is time.
Training happens during work hours for 98% of respondents, and 77% said managers adjust workloads to accommodate training, and 67% offer dedicated training days or time blocks. But 53% said time and scheduling constraints continue to be the biggest barrier to effective training. Even when policy allows for training, protecting that time is a challenge.
“If you haven’t set aside the specific time, it doesn’t get done,” Marks said. “It’s really hard to say, ‘We’re having an incident right now, all hands on deck, but I’m doing this.’ Everything gets pushed to the side.”
Making sure an organization protects the time for training and makes it a priority is going to be a challenge for tech leaders. AI will both bring new workloads and require even more training and education programs for teams, and both will happen at a pace that organizations will struggle to manage.
“Training will have to be faster. Training will have to be slightly lighter,” Marks said. “You’re going to have to do the best you can with what’s been given to you.”
