According to the latest report of the World Economic Forum (WEF), there is a shortage of 3 million cyber security professionals in the world. “There is a shortage of cyber professionals – there is a gap of more than 3 million worldwide who can provide cyber leadership, test and secure systems, and train people in digital hygiene,” it said.
A continued shortage of cybersecurity professionals could ultimately hinder “economic growth”. The report acknowledged that new efforts to “democratize” cybersecurity, such as offering security risk management tools for free, could benefit smaller companies and other organizations to some extent.
However, “there are concerns that quantum computing may be powerful enough to crack encryption keys, which poses a significant security risk due to the sensitivity and criticality of the financial, personal, and other data protected by these keys. The emergence of the metaverse malware” and could also expand the attack surface for malicious actors by creating more entry points for data breaches”, it said.
This gives rise to the demand for cyber security professionals. “Security consulting services, which includes planning, policy development, and building security architecture for cyber security strategies, expected to grow at a compound annual growth rate (CAGR) of 12.2% over 3 years to become a $157 million market by 2022 Is.” A PwC report said.
“The security implementation services market in India is projected to grow from $221 million in 2019 to $320 million by 2022, at a CAGR of 13.2%, given that devising effective cyber security strategies depends on successful security implementation, “It said.
According to the Data Security Council of India, “The most commonly advertised security job is ‘analyst’. However, there is significant demand for security operations, threat management, security management, identity and access management.”
However, enterprises are struggling to find talented security professionals.
In 2021, Sophos found, “67% of companies are having difficulty keeping up to date with their cybersecurity environment and in-house skills are an important consideration in helping organizations tackle this issue”.
“Unfortunately, 59% of businesses agree that their company’s lack of cybersecurity skills is challenging for their organization, a modest 3% improvement from 2019’s 62%,” it said.
“Safety is not just about mastering the technology but its relevant application. The key is to know the environment and apply proper controls. Enterprises look for such professionals,” said Yask Sharma, CISO, Indian Oil Corporation Ltd. Those who have knowledge of both and often find it difficult to find the right mix in a professional.
Mainly the issue is that no amount of cyber security professionals from outside can fix cyber security. “Cyber security is a culture that you have to develop within your organization. No external products or engineers can help with this as every engineer needs to be trained with this skill and most Indian engineers are probably on this front. and many people do not understand the concept of privacy, although some may understand cyber security,” confirmed Srinivas Kodali. , Researcher, Free Software Movement of India.
The emerging and ever dynamic cyber threat environment requires highly agile and up-to-date cyber professionals to safeguard the enterprises. “With technologies and evolving domains, finding the right fit is a major challenge and there is a huge demand versus supply gap in the talent market. The structured and planned upskilling of existing cyber teams on selected sectors, especially cloud and data security, takes organizations off the curve. It can help us stay ahead,” said Sameer Khare, Vice President, Cyber Security, APAC, Capgemini.
The solution is simple but time-consuming – either internal organic growth or long-term contractual engagement. “The attackers are hitting where they hurt the most and they spend a lot of time finding the spot and hence, the defenders need to know their areas better than the attackers,” Sharma said.
However, this phenomenon is a ray of hope for the comparatively small cyber security businesses as they are witnessing more growth in demand than ever before. “With most employees working from home, there has been a nearly 300% increase in the number of cyber attacks in the last year alone. With our interactions with the CISOs/CIOs community, we hear if they need 10 cyber security professionals in a team, they currently have three, which is 30% cyber security experts in their team,” said Sandeep Kumar Panda , said co-founder and CEO of InstaSafe Technologies.
“Medium-sized and small organizations that do not have cyber experts in their teams are now outsourcing their security services to various cyber security vendors. Hence, the need of the hour is how SMEs and enterprises work together and fill this gap,” he said.
Never miss a story! Stay connected and informed with Mint.
download
Our App Now!!
,