The global shortage of cybersecurity and AI governance talent, estimated at more than 4.7 million positions, represents a major risk in the face of rapidly evolving technologies.
By Sneha Banerjee, Enterprise analyst at ManageEngine
According to ISC2, the global shortage of cybersecurity professionals exceeded 4.7 million vacant positions in 2024. This talent crisis, accentuated by the rapid adoption of AI, is considered by the World Economic Forum to be one of the major global threats: available skills are not evolving at the same pace as technologies.
Even if companies use similar cloud platforms and AI models, their risk levels vary across markets and local talent pools. The shortage of skills in cybersecurity and AI governance is not uniform: it depends on regulation, talent mobility, training and maturity of companies, and directly conditions the secure deployment of AI
The global impact of the scarcity of multidisciplinary experts
Talent shortages particularly affect AI governance, a cross-disciplinary discipline that combines AI engineering, data management, cybersecurity, regulation and ethics. It is essential that professionals understand how models work, identify their vulnerabilities to attacks, and comply with regulatory requirements
According to the World Economic Forum, despite rapid growth in roles related to AI governance, most companies are outsourcing these responsibilities to existing teams: security, legal or compliance, rather than creating dedicated teams. Geographic context then becomes crucial, as the level of risk associated with this approach is highly location-dependent.
Europe, United States, China: a global competition for AI talents
Europe has a solid regulatory framework with the GDPR, the NIS 2 directive and the EU AI Act, but the shortage of skills remains a major obstacle: 250,000 to 500,000 experts combining technical expertise and mastery of regulatory issues are lacking to apply these rules. Even aware of the measures to be taken, companies struggle to find these profiles, especially in countries like Spain, where the adoption of AI is accelerating while experienced talent remains scarce.
The talent shortage is not limited to Europe. In the United States, demand for AI and cybersecurity experts far exceeds supply, putting strong pressure on experienced profiles. In China, national AI strategies are advancing faster than the availability of multidisciplinary talent.
Despite very different regulatory and economic contexts, the challenge remains the same: insufficient skills to manage AI safely represents a strategic risk on a global scale. It is therefore crucial that companies anticipate these constraints, adapt their recruitment and training strategies, and consider flexible and geographically targeted approaches to reduce their exposure to risks.
Anticipate the talent shortage
Rather than relying on rapid availability of experts, companies can rethink AI governance as an integrated system, not a single role. Responsibilities are divided between cybersecurity, data, legal, risks, and implementation adapted to local and regulatory realities. This reduces reliance on hard-to-mobile talent and ensures effective monitoring. From then on, the central question no longer becomes “How to recruit more experts?” but “How to operate effectively when they are rare?”
The unequal distribution of skills around the world makes the geographic dimension a strategic risk factor: some regions lack technical expertise, others lack regulatory experience, which makes the deployment of AI more complex. To respond to this, companies can diversify their international recruitment, form multidisciplinary teams and create structures dedicated to governance. Combined with flexible strategies adapted to each market, these approaches reduce exposure to risks and ensure adoption of AI that is both controlled and responsible.
