Cybersecurity skills gap a mounting concern in Asia
- Lack of in-house, on-demand cybersecurity skills and implementation expertise have been identified as crucial barriers to raising advanced cyber defense infrastructure in key Asia Pacific.
- 89% of organizations across Asia have board of directors who are acutely aware of cybersecurity concerns, amid a rising tide of costly breaches and resultant reputational damage.
- Fortinet’s skills gap report uncovered that an overwhelming 97% of cybersecurity and IT leaders believe that tech-oriented certifications positively impact their role and their team, while 86% of leaders prefer to hire people with certifications.
The lack of in-house, on-demand cybersecurity skills and implementation expertise have been identified as crucial barriers to raising advanced cyber defense infrastructure in key Asia Pacific (APAC) markets, according to new research from leading integrated and automated cybersecurity solutions specialists, Fortinet.
The global 2022 Cybersecurity Skills Gap Report uncovers how a widening cybersecurity skills shortage in the region continues to have widespread repercussions for firms in the region, where damaging cyberthreats continue to present a broad threat surface for private and public sector organizations.
Email phishing, ransomware, and embedded malware code targeting endpoints and connected systems, both online and offline, are causing problems for unprepared workforces and giving rise to new, threatening data breach incidents across the APAC, resulting in growing losses and subsequently costly fixes for IT security teams.
With trusted cybersecurity certification group (ISC)2’s Cyber Workforce Report pointing out that APAC has the largest regional workforce gap of 1.42 million, Fortinet’s own study of over 110 IT and cybersecurity decision-makers from countries like Singapore, Thailand, Hong Kong, Philippines, Malaysia and Indonesia has illustrated how training and certifications can help APAC companies procure a firmer grip on their cybersecurity readiness – as companies continue to pursue rapid digitalization in efforts to capture shifting, online-first demands of local consumers and partner ecosystems.
Already, the survey highlighted how 89% of organizations across Asia have a board of directors who are acutely aware of cybersecurity concerns, amid a rising tide of costly breaches and resultant reputational damage.
Fortinet’s skills gap report uncovered that an overwhelming 97% of cybersecurity and IT leaders believe that tech-oriented certifications positively impact their role and their team, while 86% of leaders prefer to hire people with certifications. Certifications that line up with the latest national advisories and security frameworks like the Malaysia Cyber Security Strategy 2020-2024 plan by the country’s National Cyber Security Agency (NACSA), which acknowledge the need for ever-improving skills training in the face of a severe lack of regional cybersecurity skills awareness, explain why 89% of knowledgeable survey respondents are even willing to pay for employees to achieve the desired cyber certifications.
Alongside cultivating security pros with the right applicable certifications, a whopping 93% of respondents said they have implemented a training program to increase cyber awareness – but over half of decision-makers (51%) think their staff still lack the adequate skills knowledge required – which questions the effectiveness of the current security awareness training programs.
“To close the skills gap, it is also crucial for organizations to commit to continuous training and re-training, to develop a diverse group of cybersecurity professionals who can help safeguard Malaysia enterprises against sophisticated and destructive attacks,” noted Dickson Woo, country manager for Fortinet Malaysia, while at the Fortinet Accelerate Asia 2022 roadshow in Kuala Lumpur.
The Fortinet research further highlighted the stiff challenges Malaysian and Asian enterprises faced to fill critical security roles regionally, with Fortinet Asia Vice President of Marketing and Communications Rashish Pandey pointing out that SOC analysts was the most sought-after job description, but by no means the only one, with demand for others like cloud security specialists also soaring.
The hiring challenges for key positions are even more pronounced thanks to the issues with hiring a more diverse crop of talent. Across the region, 76% of boardroom leaders see recruiting new talent as the top hiring hurdle, followed closely by the challenges of recruiting women for security roles at 75%.
Interestingly, regional organizations are catching on to the global trend of building more diverse workforces, with a soaring 90% of Asian businesses expressing diversity hiring commitments for the first time ever – three out of four companies have fixed policies in place to ramp up female recruitment, and just over half (59%) have strategies in place to hire minorities.
Regionally and in individual countries, Fortinet also continues to step up hiring across all core functions to meet building demands from customers. In Malaysia, the cybersecurity solutions specialist has moved to expanded premises and increased the hiring of data security analysts, application security engineers, and compliance managers to complement expanding Systems Engineering and Technical Assistance teams of its robust FortiGuard threat discovery and analysis Labs.
At its new location, the solutions provider is building dedicated training spaces for upskilling and reskilling workers, in response to the sizable cybersecurity skills gap impacting Malaysian businesses. Fortinet has also been following through on its commitment to train one million individuals worldwide in cybersecurity skills over the next five years, with its Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
“Malaysia has recorded a need for 20,000 professionals in the cybersecurity workforce by 2025. Our collaboration with Malaysian academia and industry partners to provide training and certifications is fundamental to such efforts and fortifies our commitment to shaping the next generation of cybersecurity talents in the country,” explained Woo.
“In addition, improving the urgency of local organizations to hire a diverse group of professionals is highly important, especially in our industry, to avoid talent slipping through the cracks at the expense of business outcomes,” he commented.