The cybersecurity industry has spent the better part of a decade discussing its workforce shortage as a supply problem. Not enough qualified professionals entering the pipeline. Not enough universities producing practitioners with relevant skills. Not enough budget to compete with technology sector salaries for the talent that does emerge.
What the latest data from Hack The Box reveals is that the framing was wrong, or at least it has become wrong. The workforce crisis facing enterprise security programmes in 2026 is not primarily a shortage of bodies. It is a shortage of the specific, AI-relevant capabilities that the current threat environment demands, distributed unevenly across a global workforce that is adapting at different speeds. That unevenness is the risk. And unlike a headcount gap, it cannot be resolved by hiring more people with the same skills.
The Hack The Box Cybersecurity Workforce Intelligence Report, drawn from anonymised training data across 702,000 cybersecurity professionals in 251 countries and territories, documents this shift with precision. The picture it produces is not of a workforce failing to keep pace; it is of a workforce actively recalibrating, but doing so in ways that create structural divergence between teams with the organisational investment to adapt and those without it.
That divergence, as Hack The Box’s CEO Haris Pylarinos frames it directly, translates into risk. Not future risk. Current risk.
The cybersecurity workforce challenge is no longer just about filling vacancies — it’s about building AI-ready security capabilities that can defend against evolving threats like prompt injection, model exploitation, and agentic AI hijacking.
AI Has Inverted the Traditional Cybersecurity Skills Hierarchy
The assumption that has governed cybersecurity workforce development for the past decade is essentially this: build deep expertise in foundational domains (network security, endpoint protection, vulnerability management, incident response) and layer AI literacy on top as the landscape evolves.
The training data in the Hack The Box report suggests that hierarchy is inverting. AI penetration testing has emerged as a top global training priority. Within AI-specific training, prompt injection accounts for 29% of challenges solved by practitioners, machine learning model exploitation accounts for 24%, and agentic AI hijacking accounts for 12%. These are not peripheral specialisations pursued by a niche cohort of AI security researchers. They are the dominant focus areas of a workforce actively repositioning itself around the attack vectors that matter most right now.
The inversion matters for workforce strategy because it changes the seniority model. Historically, AI security was an advanced specialisation, something practitioners reached after establishing foundational competence. The threat landscape has compressed that progression. Organisations deploying AI systems in production environments face prompt injection and model exploitation risks today, not in a future state when their teams have matured into AI security expertise. The training data reflects that practitioners understand this. Enterprise workforce development programmes that still treat AI security as an advanced elective rather than a foundational competency are structurally misaligned with the threat environment their teams are defending.
The Purple Team Signal: Traditional Role Boundaries Are Becoming a Liability
Perhaps the most consequential structural finding in the Hack The Box report is the growing overlap between offensive and defensive training. Role specialisation (red teams doing offensive work, blue teams handling detection and response) has been the dominant model for enterprise security team design for years. The training data suggests practitioners are moving away from it.
The shift toward integrated offensive-defensive capability development reflects a threat environment in which attackers don’t respect the artificial boundaries between security disciplines. An AI-augmented threat actor probing an enterprise environment doesn’t slow down at the red team / blue team interface. The assumption that offensive knowledge can be cleanly separated from defensive application, and that practitioners need only one or the other, is a model that looks increasingly inefficient against adversaries who operate across the full attack lifecycle simultaneously.
The purple team model that Hack The Box’s data points toward is not simply a collaboration exercise between red and blue functions. It is an architectural shift in how security capability is built and maintained, toward practitioners who understand both attack construction and defensive detection, who can test the controls they design and design around the attacks they understand. That model produces more adaptable, higher-judgment security professionals. It also produces teams that are harder to staff through conventional hiring, because the profile it requires does not emerge from standard security certifications and degree programmes alone.
Structured, hands-on training is the mechanism that builds this profile. The 64% AI-focused training completion rate reported for enterprise-led programmes, significantly outperforming self-directed learning benchmarks, is the evidence that organisational investment in structured training produces measurable workforce adaptation. The gap between organisations making that investment and those deferring it is widening, and it is widening directly into risk posture differential.
Agentic AI Attacks Are Not a Future Scenario: Teams Are Drilling Against Them Now
The specific inclusion of agentic AI hijacking as the third most solved challenge category in the Hack The Box dataset deserves individual treatment, because it reflects a threat category that most enterprise security programmes have not yet formally incorporated into their defensive architecture.
Agentic AI systems (AI models with tool access, autonomous decision-making capability, and the ability to take actions without direct human approval at the point of execution) are moving from experimental deployment into production environments across enterprise technology stacks. Each autonomous agent represents a new attack surface: a system that can be manipulated through its inputs, its tool integrations, its memory mechanisms, or its delegation relationships to execute actions that serve attacker rather than user intent.
The practitioners drilling against agentic AI hijacking in Hack The Box’s platform are not working on abstract future threats. They are building the muscle memory for attacks that their organisations’ AI deployments will face as those deployments mature. The question for CISOs is whether their defensive teams have equivalent preparation, and whether the AI systems being deployed in their environments have been tested against the attack classes that practitioners are already cataloguing.
The workforce intelligence data suggests a gap between where practitioner training is heading and where enterprise defensive architecture is. Closing that gap requires not just individual upskilling but a formal expansion of security programme scope to include AI system testing, agent behaviour monitoring, and prompt injection defence as standard programme components rather than emerging specialisations.
The Global Talent Redistribution and What It Means for Workforce Strategy
The geographic dimension of the Hack The Box report carries strategic implications that extend beyond diversity and inclusion framing. India has emerged as a major cybersecurity talent hub alongside the United States, United Kingdom, France, and Brazil; the five countries collectively account for nearly 36% of global cybersecurity upskilling activity captured in the dataset.
That distribution is a workforce strategy signal. The talent pools developing the AI security skills that enterprises need are geographically dispersed in ways that don’t map cleanly onto the organisational structures most enterprise security programmes have historically maintained. Security teams built around co-located, single-jurisdiction hiring models are accessing a fraction of the available talent developing the capabilities the threat environment requires.
The redistribution is also a competitive dynamic. Enterprises that build genuinely global talent pipelines, with the organisational infrastructure to integrate distributed practitioners into coherent team models, will have access to a deeper, more diverse skill set than those maintaining geographically concentrated hiring strategies. In a market where AI security expertise is in active short supply globally, that access differential compounds directly into capability differential.
Remote-capable security programme architecture is not simply a workforce flexibility decision. In the context of where AI security talent is developing globally, it is a competitive access strategy.
From Talent Shortage to Strategic Risk: The Framing CISOs Need for the Board
The shift that enterprise security leadership needs to make, and that the Hack The Box data supports, is in how AI skills gaps are characterised at the board and executive committee level.
Talent shortage framing positions the problem as an HR function: hire more people, improve compensation, expand recruiting reach. That framing generates incremental responses to what is actually a structural risk condition. When a security team lacks the capability to test prompt injection vulnerabilities in production AI systems, that is not an unfilled headcount gap. It is an untested attack surface. When practitioners are not trained to recognise or respond to agentic AI hijacking, that is not a training backlog. It is a detection blind spot.
Re-framing AI skills deficits as direct attack surface exposure, mapping specific capability gaps to specific threat classes that those gaps leave unaddressed, changes the investment conversation. CISOs who can quantify the relationship between workforce capability and risk posture are making a materially different board presentation than those describing a competitive labour market and requesting headcount approvals.
The Hack The Box data provides the empirical foundation for that re-framing: 702,000 practitioners, across 251 countries, are collectively signalling where the threat landscape is heading through their training choices. Organisations whose workforce development investment reflects that signal will build security programmes capable of operating effectively in the AI-defined threat environment. Those that treat AI security training as a discretionary budget item, something to invest in when the core programme is adequately staffed, are making a risk acceptance decision they may not have formally intended to make.
The Readiness Gap Is the New Perimeter
The perimeter has been declared dead many times in cybersecurity: network perimeters replaced by identity, identity extended to zero trust, zero trust now extending to AI agents and autonomous systems. The Hack The Box report adds a layer that the architecture conversation sometimes obscures: the human readiness perimeter.
Technology controls are only as effective as the people who configure, monitor, test, and respond around them. In an environment where AI is simultaneously transforming the attack surface and the defensive tooling, the gap between teams that can operationalise AI security capability and those that cannot is a readiness gap, and readiness gaps, historically, are where successful attacks find their entry point.
Building the workforce to close that gap is not a background programme priority. It is a front-line security investment with direct bearing on whether an organisation’s security posture holds as the threat environment continues to evolve faster than legacy workforce models were designed to support.
Research and Intelligence Sources: The Hacker News, StepSecurity, GitHub Security Lab, Sigstore Project, Socket Security