Traditional cybersecurity talent will remain scarce, but the good news is that the new skills required to combat emerging new threats can be acquired by workers with less tech experience. According to the study by ServiceNow/Pearson, the biggest technology skills gaps in the U.S. are in process improvements and operationalizing data—skills that could conceivably be learned by people in the business but outside of security teams.

Data analysis and generative AI will be top of mind. Derek Vadala, chief risk officer of Bitsight, a cybersecurity solutions provider, says this will extend beyond “data’s historical usage for detection and response and focus more holistically on the business of cybersecurity within companies—investment and prioritization of scarce resources.” The new generative AI tools like ChatGPT can help security teams study data and research risks, but people have to know how to use the tools—like learning to create the right prompts to drive usable responses, Vadala says.

Cybercrime itself will be turbocharged by artificial intelligence. Indeed, the emergence of AI in just about every corner of the enterprise world is unnerving security leaders who are still assessing the potential dangers of machine learning. Olivia Rose, founder of the Rose CISO Group and a virtual CISO, says AI dominates the Slack channel where she chats with other CISOs.