Addressing the skills gap in cybersecurity

Daniel Chu, Vice President of Systems Engineering for Asia Pacific and Japan at ExtraHop, answers our questions about the high demand for cybersecurity skills.

What are some of the highest cybersecurity skills in demand?

Cybersecurity is a broad field that cuts across industries and sectors with a high demand for talent to adapt to the increasingly creative and sophisticated cyberattacks. To cope with the rising threats, organizations must develop and upgrade both the technical and non-technical skills of their cybersecurity teams.

Cybersecurity teams should keep abreast of the various emerging threats that businesses face, as well as ensure compliance with legal and regulatory requirements for cybersecurity. With a firm understanding of policies and regulatory frameworks, as well as developments in the cybersecurity field, IT teams and businesses can align and develop strategies to strengthen their cybersecurity stance.

While cybersecurity can be a highly technical field, it also requires non-technical skills such as strong analytical capabilities, out-of-the-box thinking, communication skills and problem-solving. These skills are necessary especially for risk management and security compliance roles, as well as mid-management leadership roles.

How has the shortage in said skills contributed to cybercrime over the past year?

In Asia-Pacific, there is a workforce gap of approximately 1.42 million in the cybersecurity sector, according to 2021 research by the International Information System Security Certification Consortium (ISC)².

According to Deloitte, cybercriminals are also upgrading their tools and improving their techniques. Threat actors are adopting the As-a-Service business model, which further contributes to the rising cybersecurity concerns. As the frequency and sophistication of cyberattacks escalate, there is an urgent organizational need to advance cybersecurity measures, raising the demand for cybersecurity experts.

With the inability to keep up with the skills and talent demand, the cyber skills shortage has significantly contributed to the increase in cybercrimes. Cybersecurity teams are understaffed and lack the needed skills to help them effectively defend their organizations against the growing threats and respond to increasing regulatory requirements.

How can government agencies support cybersecurity initiatives and the demand for cyber talent?

In Singapore, the government has rolled out various initiatives to help address the skills gap in cybersecurity. Through the Singapore Cyber Talent program of the Cybersecurity Agency (CSA), the country looks to expand its cyber talent pool. SG Cyber Talent aims to reach out to a minimum of 20,000 individuals within the next three years to encourage them to embark on a journey in cybersecurity.

The agency also partnered with the Infocomm Media Development Authority (IMDA) to develop the Cybersecurity Associates and Technologists (CSAT) Program in its pursuit of supporting both fresh and mid-career cyber professionals in enriching their skills through training on the job.

Companies registered in this partnership are offered the chance to train and upskill fresh ICT professionals and mid-career professionals for cybersecurity roles. Other initiatives of SG Cyber Talent include the Cybersecurity Career Mentoring Program with the Singapore Computer Society (SCS), SG Cyber Women initiative, SG Cyber Educators Program and SG Cyber Youth Program.

With such proactive efforts in place, government agencies not only promote cybersecurity as a viable career path for IT professionals and fill the gap in the industry but also help the country become more resilient amid an increasingly unpredictable cyber climate.

What are some ways organizations can retain cyber talent?

Poaching is a problem for many organizations. Human resources departments need to develop employee retention strategies to encourage cyber specialists to stay put. They should focus on providing a clear path for career advancement while publicly acknowledging their vital contributions to the company. Management should never treat or have their cybersecurity organizations be perceived as a cost center.

Adopting new technologies such as Machine Learning and automation can provide cyber specialists with greater insights into threats and make it easier for them to detect and disarm advanced attacks before damage is done. By equipping them with the right tools in doing their jobs, cyber professionals can be encouraged to stay in the field and pursue upskilling and reskilling.

Which countries in the APAC region are hardest hit by the shortage of cybersecurity skills?

While cybercrime is increasing across the Asia Pacific (APAC) region, it appears to be at its highest in specific countries like Indonesia and Vietnam. In Interpol’s 2021 Cyberthreat Assessment, Indonesia was reported to have had the most phishing attacks, with 737,152 compared to 145,004 in Singapore.

The same can be found in ransomware cases, as Indonesia reported 1.3 million cases of ransomware attacks in 2020 and more than 880,000 attacks on Vietnam. However, in spite of registering the least number of phishing attacks in the region, Singapore’s cases had actually increased by 60.5%.

It is important to note, however, that the alarming rise in reported cyberattacks in these countries is due to the surge in cybercrime, instead of the shortage in cyber talent. It is the evolution of cyberthreats, such as Ransomware-as-a-Service and Crimeware-as-a-Service, that makes cybercrime available to those without technical knowledge, which has led to an increased need for cyber talent in the region.

Is the shortage in cybersecurity skills a problem specific to the APAC region?

The shortage in cyber talent is a global issue, with a deeper severity in the APAC region. The current gap in cyber talent stands at 2.7 million on a global scale. However, 1.42 million out of the total is in APAC. The (ISC)² also reported that cybersecurity hiring trends in APAC small and medium enterprises (SMEs) and mid-market businesses fall short of their global counterparts in terms of hiring intent. Larger enterprises, on the other hand, remain steadily hiring, with a higher rate of onboarding compared to pre-pandemic levels.

Why is there such a high burnout rate in the cybersecurity industry?

Security operations teams today are experiencing alert fatigue as cyberthreats increasingly become more sophisticated. A typical security investigation workflow today involves dozens of tools that fire numerous alerts with a high percentage of false positives. Without an automated security process, analysts manually gather the data to identify which alerts to prioritize and follow up on. This is an especially impossible task for organizations receiving more than 5,000 alerts daily. When alerts become overloaded, there is a greater potential for threats to slip through the cracks.

There also is mounting pressure on these individuals to safeguard their organization amid increased attacks and long hours. The shortage of talent has only exacerbated this issue.

Has the proliferation of tertiary education courses in cyber skills managed to improve the skills shortage at all?

According to the International Information System Security Certification Consortium (ISC)², the cybersecurity workforce gap across the world has narrowed from 3.1 million in 2020 to 2.7 million in 2021. It was estimated that around 700,000 cybersecurity professionals had joined the cybersecurity workforce within a year, which reflects a sustained progression towards addressing the shortage in cyber talent.

We can also see the expansion of training programs to address the skill gap in cyber talent. A recent example can be seen in GSX joining the (ISC)² official training partner program to deliver cybersecurity education and professional development.

How far is the ever-changing threat landscape part of the problem? Does this put people off entering the sector?

The evolution and surge of cyberattacks have heavily contributed to the shortage of cyber talent. We like to think we already know how ransomware works, but threat actors continually add new acts or improve the tactics in their playbooks.

Cybercriminals have now expanded their blast radius through the use of advanced land-and-pivot-style tactics. This ensures a handsome payout from companies struggling to regain operations without significant data leakage or reputational damage.

Fortunately, this issue does not put people off from entering the sector as there are technologies that can aid them in combating these attacks and a mission that focuses on protecting people and data.

The use of technology, such as Machine Learning and automation, simplifies the security operations process. It enables IT teams to gather, correlate and analyze large amounts of data faster and with minimal effort, allowing for a more productive and efficient security team. Automation, for instance, can help detect threats that can be missed by a manual incident response process. By automating their security processes, organizations can provide unprecedented visibility, definitive insights and immediate answers without burning out their security teams.
