IT Europa attended this week’s annual cybersecurity ONE Conference in The Hague this week, and heard about the disconnect between what cybersecurity AI professionals are needed, and what professionals were actually available.
Critically, we also heard that cyber pros that were thrown on the scrapheap because of a lack of perceived AI skills, could well become the major cybercriminals of the future, out of “necessity” and “spite”.
New research results about the European cybersecurity labour and education market were also presented. The study mapped existing training and education provision against future labour market needs and identified competence gaps across several EU countries.
The aim is to contribute to a unified European framework for action in cybersecurity skills development to address the shortage of cybersecurity expertise in Europe. The combination of eight different methods combining quantitative and qualitative data for gap analysis and learning objectives definition is said to be “unique”
The research, led by Security Delta hsd, is part of the European CADMUS project.
The research identified competence gaps in the Dutch, Greek, Croatian and Cypriot labour markets, and weighed in labour market analysis from Lithuania, Spain, Estonia, Slovenia, Hungary and Belgium.
The analysis shows a big demand for the following competences: education and training provision, personnel development, problem management, information security strategy development, and risk management. For these competences, the expected demand exceeds the current supply of educational offerings.
As more sectors start to worry about their security, cybersecurity strategy development and risk management are the first requirements that will grow. With the reported and growing talent shortage, challenges also lie in developing personnel and education and training provisioning to grow the cybersecurity teams.
Mark Ruijsendaal, programme director at Security Delta hsd, said: “The gaps show that the main priority for new development of training is not necessarily on technical competences, but rather the strategic and business-oriented ones. More technical and quality-related competences are added to the list of gaps when you zoom into the proficiency levels.”
Building on the research findings, the CADMUS consortium will develop curricula, training platforms and training delivery tailored to the identified skills gaps. The focus will be on the unique challenges and risks faced by small- and medium-sized enterprises (SMEs) and the public sector. These challenges stem from the growing complexity and sophistication of cybersecurity threats, the introduction of new standards and regulations (like NIS2, DORA, and CRA), and domain-specific developments such as the adoption of cloud and hybrid platforms, as well as the integration of automation and AI in security operations.
The CADMUS consortium, comprised of seven organisations based in Europe, and led by the National Cybersecurity Authority of Greece, has received a three-year grant to address the cybersecurity expertise shortage in Europe. With this grant of €3.14m the consortium executes a €6.3m programme, co-funded, amongst others, by the Dutch Ministry of Economic Affairs/RVO and the European Commission, through the European Health and Digital Executive Agency (HaDEA), as part of the Digital Europe Programme.
On the threats posed by AI edging out security pros with traditional skills, Kris Lovejoy (pictured), Kyndryl global security and resiliency leader, set the conference alight with her warnings.
She said: “There is a changing technological war, and that war is not about a new piece of code. It’s a profound collision of two AI waves, between the technology labour market and agentic AI.
“Autonomous systems promise advantages but also pose big risks. There is a human collision. AI is not just a tool, and while some have a utopian view, that all people and AI can work together, there is a threat to administrative cybersecurity roles.”
She said: “There is a skills gap in the strategic area of AI. There is a need to manage AI and the infrastructure that supports it, and a need for more people to manage the potential threats.”
She warned: “When it comes to fraud, displaced workers as a result of AI may be driven by motive, opportunity, and rationalisation. Such workers could be tempted to conduct digital crimes, as they rationalise what they’re doing as ‘getting back’ at ‘big business’, and grabbing what they need to feed their families.”
Lovejoy cited the example of the collapsing Soviet Union from 1989 onwards. The collapse saw technically skilled workers losing their jobs and struggling to pay their way. “A large number turned to crime and eventually were part of organised ransomware gangs. We are now facing a similar threat, and this is not a brain drain, it’s brain weaponisation.
“These people know how our critical infrastructure works, and they know all the weaknesses of the hyperscale hybrid clouds we now rely on.”
Lovejoy announced that she was about to hire an agentic AI officer at her company, who would work to help avoid the threats posed by the roll-out of the technology.
She urged those facing a job threat from AI to retrain, and said certified information security officers (CISOs) should make it plain to their bosses that security budgets were “non-negotiable” in the current climate and should be protected.
“It’s key to move from being a technologist to a strategist to help protect yours and other people’s jobs. Critical thinking and strategic planning cannot be totally replaced by AI.”
Lovejoy said infrastructure services firm Kyndryl was retraining 25,000 people across Europe to help mitigate the threat to jobs from AI, and help deliver the skills that are needed now.
“We have to stop the brain drain to criminal organisations. We must be human centric in this situation,” she concluded.
More to follow from the ONE Conference in The Hague, Holland...
