Industrial Software Insider

SANS 2026 Flags OT Cybersecurity Workforce Gaps as Critical Risk

SANS 2026 cybersecurity workforce report finds critical OT/ICS skill gaps, recommends structured pipelines, AI governance and certification frameworks for industrial resilience.

A recent SANS | GIAC report highlights workforce deficiencies in operational technology (OT) cybersecurity, identifying these gaps as a significant vulnerability for critical infrastructure. The 2026 global survey, which included 947 cybersecurity and human resources leaders, emphasizes a shift from expanding headcount to improving skills readiness. The report, released in early 2026, calls for structured entry-level pipelines and certification frameworks to address mounting concerns across European and international sectors.

Background

Resilience in industrial environments depends on OT/ICS (industrial control systems) expertise, which integrates safety, reliability, and cyber risk management. Previous findings reinforce ongoing deficits: the SANS 2024 OT survey reported that more than half of professionals had less than five years of experience, and nearly half lacked formal cybersecurity certifications. These gaps undermine incident preparedness within industrial contexts.

Recent workforce studies have shifted focus from hiring volume to capability gaps. The SANS 2025 Workforce Research Report found that over half of leaders identified a shortage of required skills, not insufficient numbers, as the core issue. This trend is particularly pronounced in OT, where specialized skills are critical.

Details

The 2026 report, representing responses from North America, Europe, Latin America, Asia-Pacific, Africa, and the Middle East, presents nine strategic recommendations for cybersecurity leaders:

  • Develop AI governance and baseline AI security training.
  • Build entry-level talent pipelines through structured mentorship and rotations.
  • Adopt standardized workforce frameworks such as NICE or ECSF to define qualifications.
  • Validate team skills to ensure compliance with regulatory requirements.
  • Foster inclusive cyber incident response planning, engaging stakeholders beyond the security team.

Case studies illustrate scalable models: Microsoft utilizes AI to accelerate skill development; Bayer has implemented a skills-based approach for 90,000 employees; Singapore's Cyber Security Agency has trained over 22,000 individuals since 2020.

Outlook

Industrial operators and infrastructure stakeholders are anticipated to adopt these guidelines through partnerships with industry, vendors, and government. Implementing targeted training pipelines, credentialing standards, and measurable competence frameworks is expected to strengthen OT workforce preparedness and reduce systemic cyber risk.