#cybersecurity-talent-gap

#cybersecurity-talent-gap

Hasbro detected an intrusion on March 28, prompting the company to take down some of its systems. Parts of Hasbro's website appeared down, with error messages indicating maintenance.

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

In today's digital workplaces, cyber threats rarely begin with broken systems. They begin with everyday actions-opening emails, sharing information, or accessing online platforms. Security awareness training helps reduce cyber attack risks by strengthening how individuals recognize and respond to these situations. Rather than focusing on technical controls alone, organizations are increasingly prioritizing cyber awareness as a core defense strategy. When users understand common threats such as phishing, social engineering, and unsafe online behavior, they are better equipped to prevent incidents before damage occurs.

We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow. Our security team moved promptly to contain and remediate the incident.

By mid-2026, at least one major global enterprise will fall to a breach caused or significantly advanced by a fully autonomous agentic AI system.

Organizations have reported heightened cybersecurity risks as a result of these skill shortages, but the issues don't end there. Many teams will also experience burnout, which is an issue for security teams even in the best of times, which can only add to the talent gap concern if burnt out employees leave the industry.

Hoang: My background sits at the intersection of enterprise IT, data protection, and cybersecurity. I've spent much of my career working with CIOs and CISOs on resilience - how organizations protect, recover, and govern their most critical data in the face of cyber threats, outages, and operational risk. Today, as CIO at Commvault, I see security not as a standalone function, but as a core business capability.

As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential growth in Non-Human Identities (NHIs), including bots, AI agents, service accounts and automation scripts. In fact, 51% of respondents in ConductorOne's 2025 Future of Identity Security Report said the security of NHIs is now just as important as that of human accounts. Yet, despite their presence in modern organizations, NHIs often operate outside the scope of traditional Identity and Access Management (IAM) systems.