Why Global Leaders Need To Act Before The Threats Do

David Jones is Vice President, Technology Portfolio at IDA Ireland.

Cybersecurity has gone from a technical concern to a strategic one. For global leaders, especially CTOs, it’s no longer just about protecting systems; it’s about preparing for what’s coming next.

With threats growing more sophisticated and persistent, the real risk is standing still. Companies must view cybersecurity as a global capability and invest early in the people, technologies and partnerships required to build it.

Three critical areas demand immediate attention: access to skilled cybersecurity talent, integration of AI-powered defense and early preparation for the impact of quantum computing.

1. The talent shortage is no longer a future issue.

There are an estimated 3.5 million unfilled cybersecurity roles worldwide as of 2025. That figure has remained steady since 2021, according to Cybersecurity Ventures. Meanwhile, the World Economic Forum reports a global shortage nearing 4 million.

Without the right people, even the best security tools are underutilized. Organizations find themselves responding slowly, missing threats or leaving vulnerabilities unpatched.

However, some countries are trying new approaches to combat this. In Ireland, micro-credential programs are helping to close the gap faster. These short, targeted learning modules are backed by national funding and designed in collaboration with the industry.

In 2020, The Irish Universities Association developed a national framework for micro-credentials, which contributed to nearly a 20% reduction in Ireland’s cybersecurity workforce shortage in just one year by investing in this kind of practical education.

Technology leaders should think creatively about how and where they build their teams. By considering international expansion through hybrid teams or offshore partnerships, for example, they can access a slew of cybersecurity talent.

Additionally, companies can invest in local talent development by partnering with educational institutions to create specialized training programs and internships. This approach not only helps build a robust pipeline of skilled professionals but also strengthens community ties and enhances local capabilities.

2. AI is the next layer of resilience.

Security teams today are managing a growing wave of alerts and attacks, many of which are too complex for human response alone. The answer is not just adding more people; it is building smarter, more adaptive systems.

AI is already reshaping cybersecurity operations. AI-powered tools are being used to triage alerts, detect anomalies and automate threat responses. Companies that embed AI into their security operations are reducing detection time and improving accuracy while freeing up analysts to focus on critical decision-making tasks.

Governments are recognizing the importance of AI in national resilience strategies. In March 2025, the European Commission announced over 1 billion Euros in funding through its Digital Europe Programme to accelerate the rollout of AI, cybersecurity and digital skills across EU member states. This investment complements the EU’s AI Act, the first major legal framework to set risk-based rules for AI while promoting responsible innovation.

Ireland’s National AI Strategy, “AI—Here for Good,” outlines a human-centric approach to AI development and was refreshed in late 2024 to reflect the evolving technologies and regulatory priorities. Combined with a growing multinational ecosystem of AI and cybersecurity companies and supported by government and academic partnerships, this creates an environment where innovation and compliance go hand in hand.

To build smarter, more agile systems, organizations should begin by conducting a thorough audit of their current resources to identify areas where AI can enhance existing processes. Integrating AI tools with current security infrastructure can automate routine tasks and improve threat detection capabilities. Additionally, leveraging existing data to train AI models ensures they are tailored to specific threats, while regularly updating these models with new data maintains their effectiveness and adaptability.

Fostering collaborations with academic institutions and industry partners can help drive innovation and compliance, creating a culture of continuous learning and adaptation. By following these best practices, companies can develop AI environments that are resilient and aligned with regulatory standards.

3. Quantum disruption is closer than it seems.

Quantum computing may still feel like a future concern, but it’s already reshaping our approach to security. Encryption methods that underpin today’s secure systems, such as RSA, will eventually be rendered obsolete by quantum machines.

This threat is especially relevant for sectors that rely on long-term data protection, like finance, healthcare and national infrastructure. Even if quantum decryption is still years away, data stolen today could be harvested and decrypted later.

Regulators are not waiting. In 2022, the U.S. National Institute of Standards and Technology (NIST) began publishing post-quantum cryptography standards. The European Union and other countries are also planning for quantum risk as part of broader digital resilience strategies.

Companies that want to avoid being caught off guard are starting to assess where legacy cryptography exists in their systems and how to replace it. Future-proofing cybersecurity architecture now means asking the right questions:

• Are your vendors thinking about quantum security?

• Do you have a roadmap for migrating critical systems?

• Can you pilot quantum-resistant algorithms in your lower-risk environments?

Being early here does not mean being reckless—it means being ready.

4. Cybersecurity is a growth enabler, not a roadblock.

At its core, cybersecurity is about trust. It is what enables companies to grow, expand across borders and innovate without fear of disruption.

For CTOs guiding that growth, the opportunity is clear. By addressing the talent shortage, leaning into AI innovation and preparing early for quantum risk, cybersecurity becomes more than a defense mechanism; it becomes a competitive edge.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?