It seems like every year is a “year like no other” in cybersecurity. Whether it’s the number of vulnerabilities or the employee gap, our industry continues to face more and greater challenges each year.
For example, 2024 showed us how important every line of code in an update is – ask anyone who is a CrowdStrike customer1. They are an industry leader and have a broad customer base, meaning it has significantly impacted many companies. The resolution required physical intervention on the machine itself, and in previous years, it would take most organizations a week or more to get back up and running. Yet many companies worldwide were able to recover from it quickly, which was an amazing feat and a testament to their preparedness.
However, for those who couldn’t recover quickly, like those who experienced the impact of a data breach, they had to deal with the repercussions, including financial and brand reputation. This is why IT and security teams will need to rethink their structure.
The need for a broad range of skills
In 2025, I expect to see the role of the specialized cybersecurity practitioner increasingly become obsolete. The growing complexity and interconnectedness of cyber threats will force this change. Companies will value adaptable cybersecurity professionals who can seamlessly navigate multiple domains, platforms, and vendors.
Historically, organizations sought experts in specific areas, such as identity and access management or firewall management. While this may still work well in large organizations with complex, multi-layered teams, this has become increasingly difficult for small or medium-sized organizations to keep up with. The cybersecurity skill shortage is not going anywhere, meaning that teams need to shift focus now and look to hire professionals who can address a broader range of IT and security challenges.
Additionally, as automation and AI take over routine tasks like firewall change management or vulnerability remediation processes, the demand for deep manual expertise in niche areas will diminish. Continuous Exposure Management tools offer automation for a variety of tasks, including firewall configuration, basic threat detection, and system monitoring; with these tools in place, cybersecurity professionals will have more time to focus on strategic, integrative problem-solving. This shift will help emphasize the move away from narrow technical skills and toward holistic, multi-disciplinary capabilities
The evolving landscape of cybersecurity calls for a paradigm shift in how organizations approach their security teams. As interconnected threats become more complex, the demand for adaptable professionals who can tackle a variety of challenges will outweigh the need for specialists in narrow fields. By rethinking their team makeup and embracing solutions that help alleviate redundant, time-consuming tasks, companies can better prepare themselves to navigate the uncertainties ahead.