Cyber Teams
Staying on top of the latest cybersecurity trends is essential for industry professionals to defend against the latest threats.
But let’s be honest: finding the sources linked in many “cybersecurity statistics” listicles sends you down a rabbit hole. If you’re looking for original research related to cybersecurity, we’ve got you covered.
We’ll share cybersecurity statistics Hack The Box (HTB) has uncovered through original research—like global surveys and HTB player performance data.
Our statistics cover AI in cybersecurity, cyber attack readiness, defensive security measures, and general career trends in the industry.
So whether you’re planning your next career move or researching which skills gap to fill on your team, these statistics will offer a clear roadmap on how cybersecurity is changing.
Artificial Intelligence (AI) in cybersecurity is a trending topic in the industry. But how do cyber professionals predict AI will impact their careers? Our report on Securing the future of cybersecurity surveyed 3,000 security professionals to find out.
Most concerns around AI in cyber revolved around AI misuse for sophisticated attacks, alongside staying upskilled enough to keep pace with AI's direct impact on cybersecurity roles.
An alarming 60% of cybersecurity professionals are concerned about cybercriminals' potential misuse of AI technology to orchestrate mass, sophisticated attacks.
This statistic demonstrates the double-edged nature of AI advancements, serving both as a powerful ally for defensive measures and a potent weapon in adversaries' arsenals.
Speaking on the defensive side of security, “AI is now more accessible to a much broader audience, like entry-level security analysts,” shares SOC veteran and HTB’s Head of Defensive Content, Sabastian Hague.
“We’re already seeing teams use the tech to automate repetitive aspects of triage, documentation, and incident report writing with custom tools.” Hague says that this allows more time for investigations and developing critical SOC skills.
Learn to defend and exploit AI threats with Dedicated Labs
Our Dedicated Labs track provides insights into common attacks on Artificial intelligence (AI) and Machine Learning (ML) systems, emphasizing underlying principles and demonstrating how insecure implementations may compromise sensitive information or enable unauthorized access.
Identify and exploit insecure ML implementations.
Exploit classic vulnerabilities through AI systems.
Bypass Face Verification Systems.
Basic Prompt Injection techniques.
Write Machine Learning programs in Python.
Privacy attacks on Machine Learning models (white-box and black-box).
Train classification models for Membership Inference attacks.
41% of respondents anticipate that AI could complicate their job roles, introducing complexities that demand a deeper understanding and skillful navigation of AI-integrated systems.
A proactive approach is required to upskill and adapt to using AI in the cybersecurity trenches, ensuring that professionals remain competent and confident in their roles and can effectively leverage AI's potential to their advantage.
AI could be integrated into both offensive and defensive roles in just some of the following ways:
Bulk reviewing malicious code.
Finding hidden vulnerabilities to exploit.
Real-time threat detection and response systems.
Automating patch management.
AI tools can be used to our advantage, improving response times and reducing downtime. But only if we willingly take the time to learn, understand, and utilize the tools, before attackers do.
Job security within cybersecurity is also a growing concern, with 37% fearing AI technology might replace human roles.
The need for continuous learning is clear. Professionals must go beyond “coexisting with AI” and get comfortable leveraging its capabilities to augment their expertise and reduce the burden of manual labor during daily operations.
For example, SOC analysts may utilize AI log analysis tools, helping reduce the time spent sifting through logs for suspicious activity. This won’t replace the analyst, but it frees up their time to focus on other important SOC duties.
A significant 32% express anxiety over lacking the requisite knowledge or skills to engage with AI in their roles effectively.
This statistic serves as a call to action for educational institutions, organizations, and individuals to prioritize AI-focused learning and development initiatives.
In fact, it’s why HTB Dedicated Labs provide insights into common attacks on AI and Machine Learning (ML) systems. These labs emphasize underlying principles and demonstrate how insecure implementations may compromise sensitive information or enable unauthorized access.
HTB’s proactive approach to upskilling can ease AI anxiety by teaching threat landscape-connected skills.
Facing the advent of AI in cybersecurity, a strategic approach involves not only embracing AI's challenges but actively integrating it into security practices.
For SOC team leads, encouraging junior members to engage with AI tools for routine tasks can free up time for strategic planning.
Senior leaders should focus on developing AI risk management policies that manage AI's ethical and practical implications within security frameworks.
We're seeing AI and ML becoming increasingly integrated into a wide range of applications; from simple everyday tools to complex systems driving major business decisions and cybersecurity defenses.
This ubiquity means that not only understanding, but properly leveraging and managing, AI is becoming a critical skill set for cybersecurity professionals.
By understanding AI as another vector in this complex ecosystem, cybersecurity professionals can better prepare for and respond to the threats of the digital age. The key to success lies in adaptation, ethical consideration, and collaboration.
Nathan Kramer, Founder & Principal Security Consultant at Vigilant Cybersecurity
The 2023 Cyber Attack Readiness Report reveals critical cyber skills gaps across key industries and technologies. We analyzed performance data from the 982 corporate security teams and 5,117 professionals who participated in our global CTF competition.
The competitive event featured over 30 hacking challenges based on the live threat landscape covering areas like forensics, blockchain, cloud, and more.
In addition to performance data from the CTF event, this report combines insights from a separate user survey of 803 active cybersecurity professionals in the HTB user base.
This annual event benchmarks the current state of cyber readiness and ignites a competitive spirit that drives innovation and collaboration among participants, offering a vivid snapshot of evolving security skills across vital industries.
Addressing workplace morale, the Cyber Attack Readiness Report 2023 reveals a beacon of hope:
62% of managers view opportunities to learn new skills as the best strategy to combat staff burnout.
What’s truly fascinating is that employees feel the same way about learning:
68% of security team members rated “opportunities to learn skills” as the most successful way of staying engaged at work. In comparison, only 26.5% rated extra compensation as a way to improve engagement.
This is a testament to the dynamic nature of cybersecurity work, where continuous skill development enhances job satisfaction and prepares teams to tackle new challenges head-on, instilling a sense of motivation and resilience.
Sending our team on courses that truly interest them can often serve as a break. It's also mutually beneficial for both the employee and the company.
Paul Keastead, Security Program Manager
In 2023, a striking revelation was the pronounced skill gaps in cutting-edge technologies like blockchain and cloud computing.
The challenges related to these technologies saw solving rates nearly 30% below the average, with blockchain challenges having an 18.37% solve rate, plummeting to as low as 12.7% for blockchain specifically and even lower, at 10.8%, for cloud technology challenges.
The data draws attention to today’s technical skill gaps as teams “catch up” to Web 3.0 technology, protocols, and vulnerabilities.
For industries such as finance, healthcare, and government, it’s a call to double down on upskilling to protect decentralized applications and blockchain-based services.
Put your team’s cloud defensive skills to the test with our Sherlocks Labs:
Nubilum 1 | Nubilum 2 |
Scenario: Our cloud administration team recently received a warning from Amazon that an EC2 instance deployed in our cloud environment is being utilized for malicious purposes. |
Scenario: A user reported an urgent issue to the helpdesk: an inability to access files within a designated S3 directory. This disruption has not only impeded critical operations but has also raised immediate security concerns. The urgency of this situation demands a security-focused approach. |
Regarding engagement and skills assessment, cybersecurity professionals' enthusiasm for CTFs underscores the value of practical, hands-on challenges in enhancing team skills and motivation.
Over 70% of managers leverage CTFs to boost employee engagement and skill assessment.
Given the current economic uncertainty, dwindling security budgets, and rampant burnout, this shows how security leaders can maximize ROI on limited training budgets and boost motivation with an upskilling culture.
64% of in-house team members agreed that CTF events can help measure and upskill employees.
CTFs play an important role in benchmarking the current skills of employees and providing a clear development plan for areas of improvement. This helps teams discover skills gaps and prioritize specific capabilities as part of their development plans.
Commenting on the value of team events like Business CTF, Lukasz Lamparski, a Senior Incident Responder at INGBank, shares that "overall the challenges were pretty realistic, which is a big plus for me. I would recommend joining the CTF, as it lets you test your skills in realistic scenarios. We will join again next year."
The rampant talent and skills shortage in cybersecurity is arguably most notable in SOC teams. To support SOC professionals and leaders on the frontlines of security, our research uncovers the most sought-after skills for Developing the modern SOC analyst.
Survey insights, drawn from a pool of 400 respondents, also reveal a shift in how today’s professionals plan their careers between offensive and defensive cybersecurity roles.
Fundamental skills set the foundation for the analyst.
46% of incident responders rated knowledge of Incident Handling Processes and Methodologies as the most important knowledge domain.
Incident handling is a fundamental requirement in the SOC domain, highlighting the criticality of effectively mastering incident response to mitigate cybersecurity threats. “It makes sense for any security leadership team (and up-and-coming analyst) to prioritize these essential skills”, says our Defensive Content Lead, Sebastian Hague.
Over his eight years of experience in the defensive field, the incidents he’s personally handled “weren’t triggered by APTs chaining multiple zero-day exploits to compromise an environment—human error, misconfigurations, and poor incident response processes played a key role.”
The rise of hybrid blue/red teamers is particularly notable, with nearly 31% of surveyed individuals starting their career in defensive security before shifting to the offensive side.
Understanding the potential attack paths and indicators of compromise at each layer of their network is highly important for blue teams.
Collaborating closely with red teams helps identify and address gaps in monitoring, analysis, and response strategies. This can uncover vulnerabilities or inefficiencies in tools and processes that might not be evident through standard defensive operations.
Looking ahead, 43.8% of professionals predict cloud security skills will become even more critical within the next half-decade.
This prediction reflects the ongoing transition to cloud platforms and the 2023 Cyber Attack Readiness Report's insights on emerging technological gaps, particularly in cloud and blockchain technologies.
90% of IT and cybersecurity professionals assert that cybersecurity and computer science graduates must have hands-on experience before starting their first role. (Securing the future of cybersecurity report).
This insight underscores a crucial gap in current educational curriculums when combined with feedback responses from those in the field:
78% feel that universities are not doing enough to prepare students for the modern cyber workforce.
The emphasis on practical skills over traditional academic achievements highlights the creative transformation of cybersecurity career requirements, likely due to the desperate need for new talent to fill skill gaps with practical, hands-on expertise.
In recruitment, 64% of professionals believe current processes fail to effectively assess practical skills critical for addressing evolving cyber threats.
There’s a pressing need to revamp hiring practices, and place a higher value on hands-on experience and industry certifications. After all, a certification doesn’t necessarily tell you that a penetration tester can effectively infiltrate real-world systems in the same way proven hands-on experience does.
Focus on essential skills and experience, avoiding unrealistic qualifications or an extensive wish list. Not managing this well can mean that you miss out on a whole host of potentially suitable candidates who will rule themselves out of the process.
Tom Williams, former Principal Consultant at Context Information Security.
Notably, 47% of entry-level professionals identified cybersecurity-specific certifications as the most valuable asset on their CVs. On the other side of the coin, 55% of senior managers also rated certifications as “the most valuable aspect of an entry-level CV.
Pointing to the desire for market-ready professionals with practical skills.
These eye-opening cybersecurity statistics should equip you with the knowledge to develop your cybersecurity career, develop your security team, and even revamp your hiring processes.
The cybersecurity industry suffers from a case of: not a matter of if but when.
Being proactive isn’t optional, which is why our unique research is essential reading for any cybersecurity professional: