MSSP, Managed Security Services, Endpoint/Device Security, Security Management, Security Staff Acquisition & Development, Training, AI benefits/risks, Generative AI, Cloud Security, Network Security, Incident Response, SOC, Threat Hunting

AI Is Changing Security Training and Hiring, Opening New Opportunities for MSSPs – Hack The Box

Robots And Humans as AI or Artificial Intelligence facing off as a symbol of future technology and employment or unemployment as automation in society changing the global economy.

AI is accelerating the pace at which the cybersecurity industry is evolving - both among threat actors targeting enterprises and the defenders trying to protect them.

Hack The Box, which offers an AI-based cyber-readiness platform, emphasized this in its recent Cybersecurity Workforce Intelligence Report, points to a clear shift in how security teams are thinking about training, planning, and spending. AI-related skills are moving higher on the priority list, along with more integrated security teams and practical disciplines such as penetration testing.

The company surveyed more than 702,000 cybersecurity professionals across 251 countries and territories, which revealed that the pressure is being felt inside corporate security teams, but it also matters for MSSPs, which are being asked to support customers through a skills gap that is becoming more operational and more AI-driven.

Hack The Box founder and CEO Haris Pylarinos wrote that AI is the barrier between defenders who can operationalize the technology and those who can’t. CISOs need to ensure that their teams can operate effectively both with AI and without it when necessary.

It’s also changing what organizations expect from their MSSPs, according to Gerasimos Marketos, Hack The Box’s chief product officer.

“Organizations are under pressure from two directions at once: rapidly evolving AI-driven threats and a cybersecurity skills gap that continues to widen,” Marketos told MSSP Alert. “They’re no longer looking only for monitoring or tool management [from MSSPs]. They want strategic partners that can help them operationalize AI safely, validate AI-driven defenses, and strengthen workforce readiness at the same time.”

Focus on AI Risks, Complementary Skills

Key findings of the report highlight the greater emphasis organizations are putting on AI-based risks, such as prompt injections (29%), model exploitations (24%), and agentic AI hijacking (12%), and how these are influencing shifts in training and preparation. This includes not only what security teams are being trained on, but also what’s needed with the ongoing transition to more integrated models, with security pros expected to offer complementary and collaborative skills across multiple domains.

They are moving from separate red and blue teams to purple teams that can address the full defense cycles, from testing to validation to defense. More than 68% of respondents said defensive-minded pros are being trained in defensive and offensive tactics (77.53%). Offensive practitioners are primarily focused on offensive skills, according to almost 93% of respondents, but more than 44% are also incorporating defensive techniques.

“This evolution reflects a broader maturation of the cybersecurity landscape,” the report’s authors wrote. “What may appear as an offensive-heavy trend at the surface is, in practice, indicative of a converging skill model, in which professionals across roles are building complementary capabilities to operate more effectively within modern security programs.”

Test and Validate

Marketos said that traditional approaches to training and readiness are struggling to keep pace with the AI-driven changes. For MSSPs, this means investing more heavily in continuous validation and hands-on skill development. They can no longer deploy AI tools and assume they’ll work securely. Instead, they need to continuously test AI-driven workflows, security agents, and analyst response capabilities.

The shift to a more purple-teaming cybersecurity environment is also something MSSPs need to understand, as is the greater value clients are putting on demonstrated and practical skills rather than theoretical knowledge alone, he said.

“MSSPs that prioritize ongoing simulation, cross-functional upskilling, and AI-focused readiness exercises will be much better positioned as customer expectations continue to evolve,” Marketos said.

MSSPs as 'Cyber Readiness Partners'

He added that AI is making it more difficult for organizations to keep up through traditional hiring and training models. This is an opportunity for MSSPs.

“Over the next few years, we expect MSSPs to evolve into continuous cyber readiness partners,” Marketos said. “Customers will increasingly expect providers to help assess AI risk, validate AI-driven operations, and continuously measure how both human analysts and autonomous systems perform against emerging threats.”

Organizations are also going to embrace dynamic workforce development models because AI is changing attack techniques and defensive workflows too quickly.

A Human-AI Collaboration

“The MSSPs that stand out will be the ones that combine validated AI capabilities with continuously trained human expertise, alongside metrics that add business value for security leaders in the era of agentic AI,” he said. “That balance between automation and human judgment is going to become a major differentiator across managed security services in the era of agentic AI.”

Even in this AI era, companies don’t see human defenders being entirely replaced. Rather, the ideal is human-AI collaboration models, with AI improving the speed and scale, and experienced analysts driving decision-making and investigations.

“For MSSPs, that creates a major opportunity,” Marketos said. “AI is also changing how organizations measure security performance, and MSSPs can play an important advisory role in helping customers redefine metrics around analyst productivity, response validation, automation effectiveness, and human-AI collaboration.”

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.
Jeffrey Burt

Jeffrey Burt has been a journalist for almost 40 years, moving from general-circulation newspapers to IT news sites in 2000. He’s an expert analyst and writer on cybersecurity, data center infrastructure, AI, and a host of other subjects for a range of organizations, including CyberRisk Alliance, eWEEK, Techstrong Group, The Next Platform, and The Register.

You can skip this ad in 5 seconds