TMCnet News

ISC2 Research Reveals What Skills Needs Drive Enterprise Cybersecurity Training Investments
[June 10, 2026]

ISC2 Research Reveals What Skills Needs Drive Enterprise Cybersecurity Training Investments


Nearly three-quarters of large organizations increased cybersecurity training budgets as enterprises race to close AI and cloud security skills needs

ALEXANDRIA, Va., June 10, 2026 /PRNewswire/ -- ISC2 – the world's leading nonprofit member organization for cybersecurity professionals – today released 2026 Security Training Trends showing enterprises are increasing cybersecurity training investments as organizations work to address rapidly evolving skills needs. Nearly half of security leaders (47%) say AI is the most pressing skill their organization is addressing or planning to address through cybersecurity training, underscoring how emerging technologies are reshaping workforce priorities.

Organizations continue to face major cybersecurity skills challenges. In response, enterprises are taking a proactive approach to workforce development by increasing their investments in training. Almost three-quarters of security leaders (73%) say their security training budget increased over the past 12 months.

Organizations are also adapting their training strategies. Most respondents (94%) feel they are keeping up or are ahead of the curve when it comes to adapting training to emerging technologies and shifting security requirements. And 86% say their training programs effectively address the changing skills needs.

However, translating investment into impact remains a challenge. Despite widespread employer support for professional development, more than half (53%) of cybersecurity leaders cite time and scheduling constraints as the top barrier to effective training.

"What this research makes clear is that cybersecurity training has become a business resilience issue, not just a workforce development priority," said ISC2 Chief Operating Officer Casey Marks. "As AI, cloud and other technologies continue to reshape the threat landscape, organizations need to know whether their teams are building the right skills and can apply them in practice. Those that treat training as a strategic capability, rather than a periodic exercise, will be better prepared to manage risk, adapt to change and respond to what comes next."

b>Additional findings from the report include:

  • Training budgets are increasing, but time remains the biggest challenge:
    73% report that their organization's cybersecurity training budget has increased over the past 12 months. However, while 98% say professional development is allowed during work hours, more than half (53%) still cite time or scheduling constraints as the primary barrier to effective training.
  • Cloud security remains a major enterprise focus: Second to AI (47%), forty-four percent of organizations identified cloud computing security as a top training priority, alongside security analysis (44%), risk assessment and management (40%) and security administration (40%).
  • Cybersecurity training strategies at enterprises are structured and role specific: Most enterprises rely on structured approaches to workforce development, with 77% using a mix of in-house and third-party providers and 70% say training is customized by job role rather than a standardized, one-size-fits-all programs.

For cybersecurity leaders, learning and development and HR professionals seeking guidance on building and measuring effective training programs for cybersecurity teams, read the full 2026 Security Training Trends report here.

Methodology
ISC2 surveyed a total of 995 cybersecurity team leaders from Canada (166), Germany (155), India (180), Japan (163), the United Kingdom (150), and the United States (181) in December of 2025. Respondents were surveyed in their native or local languages. To be eligible to participate, respondents had to be at the manager level or higher, and be personally involved in their organization's security team training in some capacity. The margin of error for the global descriptive statistics in this research is +/- 3% at a 95% confidence level.


About ISC2
ISC2 is the world's leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 265,000 certified members, and associates, are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity's premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, the Center for Cyber Safety and Education, helps create more access to cyber careers and educates those most vulnerable. Learn more, get involved or become an ISC2 Candidate to build your cyber career at ISC2.org. Connect with us on XFacebook and LinkedIn.

© 2026 ISC2 Inc., ISC2, CISSP, SSCP, CCSP, CGRC, CSSLP, HCISPP, ISSAP, ISSEP, ISSMP, CC, and CBK are registered marks of ISC2, Inc.

Media Contact:
Amanda Steinman
Senior Corporate Communications Manager
ISC2
[email protected]

 

Cision View original content:https://www.prnewswire.com/news-releases/isc2-research-reveals-what-skills-needs-drive-enterprise-cybersecurity-training-investments-302791319.html

SOURCE ISC2


[ Back To TMCnet.com's Homepage ]