Enterprises report increasing budgets for security training in AI and other critical topics

2026-06-11 · Source: Information and Enterprise Technology News | CIO Dive - Www.ciodive.com · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Fundamental Awareness, quick

Summary

An ISC2 report, published June 11, 2026, reveals that enterprises are significantly increasing their security training budgets, particularly to prepare workers for the AI era. Roughly three-quarters (73%) of organizations reported budget increases in the past year. The study found that nearly half (47%) of respondents consider AI the most crucial skill for employees to acquire. While 20% of organizations rely solely on in-house training, 43% combine in-house staff with third-party vendors, and 27% split the work evenly. Larger organizations tend to utilize third-party services more. Monthly training sessions are the most common approach (36%), with effectiveness often measured by employee performance metrics and security incident reduction trends (both 52%). The primary challenge remains time constraints, cited by 53% of respondents, followed by keeping materials updated and finding qualified trainers. Most companies (94%) update training materials as trends emerge or before they become widespread.

Key takeaway

For Directors of AI/ML or CTOs evaluating cybersecurity readiness, recognize that time constraints are the primary barrier to effective training, even with increased budgets. You should prioritize flexible, modular training formats and consider third-party vendors to alleviate internal resource strain. Focus on integrating AI-specific security skills into your programs, as 47% of companies deem this critical. Regularly measure program effectiveness using incident reduction metrics.

Key insights

Enterprises are prioritizing cybersecurity training, especially for AI skills, despite significant time constraints.

Principles

• Time is the biggest training impediment.
• AI skills are critical for modern security.
• Regular training updates are essential.

Method

Organizations use monthly (36%), quarterly (34%), or weekly (15%) sessions. Effectiveness is gauged by employee performance, incident reduction, satisfaction surveys, audit results, and certification completions.

In practice

• Integrate AI skills into security curricula.
• Measure training impact via incident reduction.
• Address time constraints for training.

Topics

• Cybersecurity Training
• AI Security Skills
• Enterprise Security Budgets
• Employee Training Effectiveness
• Security Awareness Programs
• ISC2 Report

Best for: VP of Engineering/Data, Executive, Director of AI/ML, CTO, IT Professional

Related on AIssential

• Enterprises are all in on AI for security but budgets aren’t keeping pace — AI is central to cybersecurity strategies, yet budget and governance gaps persist despite future investment plans.
• ‘Don’t panic’: AI reality checks dominate major cybersecurity conference — Cybersecurity leaders should prioritize fundamental security practices and human expertise over AI hype.
• AI skills security, Open AI Deployment Company & zero days — AI's impact spans secure agent development, enterprise integration, and cybersecurity, creating both new challenges and solutions.
• AI Security Paradox: Are Firms Overconfident On AI Threats? — Enterprise AI adoption outpaces security, creating a paradox of employee overconfidence and significant vulnerability to AI-driven social engineering.
• While Everyone Watches Glasswing, Attackers Are Walking Through Your Front Door. — Most major cyberattacks exploit common, known vulnerabilities, not zero-days, with AI accelerating their scale.
• Announcing The Forrester Wave™: Cybersecurity Skills And Training Platforms, Q1 2026 — Cybersecurity training platforms must now prioritize team-based readiness and continuous, AI-informed skill verification over individual certifications.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Information and Enterprise Technology News | CIO Dive - Www.ciodive.com.