The cybersecurity landscape is defined by a critical paradox: new technologies create greater efficiencies and stronger protections while simultaneously expanding the attack surface that must be defended. This is the central finding of the "State of Cybersecurity 2025" report from CompTIA, the leading global provider of vendor-neutral IT training and certifications. The report reveals that 81% of organizations rate cybersecurity as a high priority, a focus reflected in a 9% year-over-year increase in U.S. job postings for cybersecurity roles, which surpassed 514,000 in a 12-month period.
Quick Intel
81% of organizations rate cybersecurity as a high priority.
U.S. job postings for cyber roles grew 9% to over 514,000 in a year.
70% of firms are in early education or testing phases for AI implementation.
Skills gaps in using AI tools (45%) and basic cybersecurity (43%) are key hurdles.
58% of firms have a high focus on Operational Technology (OT) security.
66% of companies have dedicated staff for data security.
A Cautious and Evolving Approach to AI
Organizations are proceeding deliberately with artificial intelligence. The report finds that 70% of companies are either in an early education phase or testing AI on low-priority systems. This cautious approach is driven by significant skills gaps, with 45% of firms citing a lack of skill in using AI tools and 43% noting gaps in basic cybersecurity knowledge. From a security perspective, organizations are split between those focused on using AI for internal improvements (37%) and those primarily defending against new AI-powered threats (31%).
"The scope is broader, and the stakes higher," said Seth Robinson, vice president, industry research, CompTIA. "Organizations that succeed will be those that align cybersecurity strategy with business objectives, prioritize skill development and embed security into every layer of their digital architecture."
Growing Focus on OT and Data Protection
The digitization of physical systems has moved Operational Technology (OT) security beyond its traditional domains, elevating concerns about these vulnerabilities. A significant 58% of firms now report a high focus on OT, leading to increased cooperation between OT and IT teams and a surge in hiring. CompTIA's analysis shows over 184,000 OT job postings in 2024. Concurrently, the abundance of data is prompting new security approaches, with 66% of companies now employing dedicated staff for data security, making it the most common dedicated data role.
Building a Multi-Pronged Talent Pipeline
To address these evolving challenges, companies are considering a variety of strategies to build robust cybersecurity skills, including new hiring (56%), training current employees (54%), and certification (48%). A multi-faceted approach is recommended to develop a sustainable talent pipeline.
"Businesses need a pipeline of early-career talent, reskilled employees from other disciplines and cross-functional training to bridge skill gaps and allow for career growth," Robinson said.
The report concludes that aligning security with business goals, proactively addressing skills gaps, and embedding security into all technology layers are the essential strategies for navigating the complex and expanding modern threat landscape.
CompTIA Inc. is the leading global provider of vendor-neutral information technology (IT) training and certifications. CompTIA unlocks potential in millions of aspiring technology professionals and careers changers. Working in partnership with thousands of academic institutions and training providers, CompTIA helps students build career-ready skills through best-in-class learning solutions, industry-recognized certifications and career resources.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.