Cyber security is a critical aspect of business that organizations cannot take lightly.
From email to network security to endpoint security management, there are a number of things to look out for when it comes to cybersecurity.
Granted, cybersecurity is not a cheap investment. Not only are solutions expensive, but they can also be costly to maintain annually.
This has often resulted in IT security teams struggling to justify these costs to their company’s senior management and board members.
Cybersecurity is taking a back seat
Most companies want to transform digitally in order to stay competitive and increase their sales. However, many do not realize that the migration to new systems, services and offerings must be carried out in a secure manner.
Terrifying and very worrying, Research from Trend Micro showed that 90% of IT decision makers claim their organization would be willing to compromise cybersecurity for digital transformation, productivity, or other goals.
In addition, 82% felt pressured Cyber risk severity to their board of directors. The study shows that only 50% of IT executives and 38% of business decision makers believe that C-suites fully understand cyber risk.
While some think this is because the subject is complex and constantly changing, many believe that those in C-suites either don’t try hard enough (26%) or don’t want to understand (20%).
In fact, there are tons of Managed Service Providers (MSPs) that offer Cybersecurity protection services to companies.
However, the cost of reliance on MSPs or a shadow IT team for cybersecurity can also be a risk.
For example, companies around the world struggled to access their systems when Kaseya, an MSP vendor, was exposed to a ransomware attack.
While the cyber criminals targeted the MSP provider, the impact was severe enough to hit companies around the world.
Build a team of cybersecurity experts
As new technologies have enabled an increase in AI-driven security solutions, organizations still need a cybersecurity team that is physically on-site to help them manage it. Unfortunately, the cybersecurity industry simply doesn’t have enough skilled talent available to meet growing demand.
Cybersecurity payrolls have proven to be higher compared to other IT roles in a company. Even so, people are still not interested in working in this area.
According to The life and times of cybersecurity professionals in 2021, a research report by the Information Systems Security Association (ISSA) and the industry analyst firm Enterprise Strategy Group (ESG), the main effects of the skills shortage are an increased workload for the cybersecurity team (62%), unfilled job requirements (38%) and high burnout among employees (38%) .
The report, which polled 489 cybersecurity professionals, also showed that 95% of respondents say the cybersecurity skills shortage and its impact have not improved in recent years, and 44% say it is only getting worse has.
In particular, the three most frequently mentioned areas of importance Skills shortage in cybersecurity include cloud computing security, security analysis and research, and application security. These areas should be the primary focus for cybersecurity professionals as they develop their skills.
Going back to Southeast Asia, the demand for such roles is the problem in the industry. There are simply not enough professionals in the market to fill these roles. Some organizations have already reached out to foreign talent in the hope of attracting them to these roles.
In fact, most senior IT positions in Southeast Asia, especially in large corporations, are usually held by people from India or China. While this is not a problem, companies face a reputation for developing and producing more local talent.
What industry players are doing
For SMEs, Build a cybersecurity team is unfortunately not at the top of their list of priorities.
SMBs often outsource their cybersecurity protection to MSPs, which is still good enough as they protect their business. However, in the long run, SMBs should look to building a security team, especially since these are these types of companies most attacked by cyber criminals.
Larger companies and organizations are now looking directly for technical talent from universities and colleges to develop these graduates’ competencies right after graduation. Even so, most students like the idea as they don’t want to be tied to any particular organization.
To help develop skills, large tech companies have taken on the task of ensuring that the skill shortage problem is resolved.
In Singapore, for example, Dell Technologies recently announced a joint commitment with four Institutes of Higher Learning (two colleges, two universities) to Improvement of the vocational training curriculum for over 5,000 students in the tertiary sector in the next two years.
The program aims to build and attract a robust talent pipeline for the local information and communication technology sector by providing students with industry-relevant skills.
Dell Technologies will collaborate to develop new content for curriculum modules, diplomas and degree programs that focus on critical core competencies related to new and emerging technologies such as cloud computing, data analysis, Internet of Things (IoT) and digital city management.
In addition, the governments of Singapore and Great Britain signed a MoU for cooperation Improve cybersecurity professional development and build a foundation for cyber security skills.
This includes possible initiatives for the mutual recognition of qualifications and diversity so that both societies are future-proof and equipped with the skills and professional standards they need to meet the requirements of the constantly evolving digital economy.
Aside from Singapore, Technology giants have also partnered with regional governments and universities Assistance in the development of skilled employees in the technical field, including cybersecurity.
The only question now is, will they be able to produce cybersecurity experts fast enough to fill the gap?
Whatever it is, the reality is that the industry has a massive shortage. Even if MSPs can help companies solve the problem, in the long run companies, especially large companies, want to have their own security team that manages all of their cybersecurity.
Solving the cybersecurity problem
It’s really uncertain why there is a lack of interest in cybersecurity jobs. After all, the training and salary packages offered are often among the highest in the IT industry. Perhaps cybersecurity just isn’t attractive enough to most IT professionals. To some, the job may seem mundane and not exciting enough compared to being an app developer or programmer.
Another issue is the general attitude towards cybersecurity roles. Cyber attacks and data breaches are on the rise. If a data breach occurs, the security team will be held responsible, even if it was caused by a breach by a third party or through legacy infrastructure that was not upgraded by companies (although this was advised by the contractors). overlooking the area).
Even with modern technology automating most processes and detecting violations, the ultimate responsibility would still rest with the physical IT security team. And maybe the responsibility associated with securing corporate and consumer data is just too heavy for some to bear.
However, that mindset needs to change. Modern technologies have enabled better data security and a better recovery process, which makes it easier to conduct cybersecurity processes.
However, unless attitudes towards the roles of cybersecurity are changed, the region will continue to experience talent shortages for some time to come.
Note: The views presented here are provided by the author and do not represent Tech Wire Asia.
#Asia #plagued #cybersecurity #talent #shortage