Despite intensifying cyber threats accelerated by AI tools, 2025 cyber-hiring slowdowns signal deeper automation shifts ahead.
According to recent reports, companies worldwide are scaling back on cybersecurity staff recruitment amid economic pressures, opting instead to invest in AI-driven automation to tackle persistent skills shortages and accelerating threats.
Growth in cybersecurity positions had slowed to just 7% in 2025, down from 12% the prior year, as leaders redirected funds towards automated solutions capable of handling repetitive tasks such as threat detection and log analysis. This shift comes even as cyberattacks grow more sophisticated, with AI enabling attackers to operate at unprecedented speed and scale.
According to Robert Huber, Chief Security Officer, Tenable, 2026 will see security teams abandon long-held reservations about automated remediation. “For years, teams have been hesitant to automatically remediate, but I believe that to keep pace with the threat and expansion of the attack surface, teams will start to defy that long-held belief,” Huber stated in the firm’s 2026 predictions report.
However, this pivot introduces significant blind spots. Industry polls suggest that only about half of leaders feel confident their staff grasp the severity of cyber threats, and globally, just 4% of firms have reached “mature” readiness across key pillars such as identity intelligence and AI fortification.
Delving into the hiring trends
Budget limitations, not talent scarcity, now drive the workforce crunch, according to ISC2’s 2025 Cybersecurity Workforce Study, surveying over 16,000 professionals. However, many respondents viewed AI as a career booster rather than a job killer, with pros upskilling in AI governance and model security. Still, entry-level roles such as security analysts have dropped sharply — by about 53% in some markets since 2022 — as automation handles triage and alerts. Emerging demand-surges for AI security engineers, machine identity specialists, and adversarial AI experts, roles requiring hands-on experience across the AI lifecycle. Tech job data shows cybersecurity topping hard-to-fill positions at 41%, trailed by AI/ML at 33%.
One expert has argued that organizations cannot simply “hire their way through the AI era”, advocating Risk Operations Centers (ROCs) powered by agentic AI for proactive prioritization. A Wall Street Journal report has echoed this sentiment, noting stagnant budgets force teams to prove returns-on-investments through risk reduction, not headcount growth.
Other studies also flag risks in AI-generated code, where 45% harbor flaws such as cross-site scripting, demanding embedded pipeline security. Ultimately, the way forward may be the adoption of hybrid models where AI augments human judgment in ethics, context, and business alignment. As threats evolve, firms prioritizing upskilling and custom AI tools will better navigate 2026’s challenges, potentially spurring net job growth in specialized fields.
