The increasing prevalence of cyber threats in today’s digitally-connected world has propelled the rise in demand for cybersecurity talents, as reflected by a 110% increase in cybersecurity job placements from 2017 to 2018, according to Michael Page, a provider of information technology and cybersecurity recruitment services. The double-fold growth figure reflects the industry’s optimistic outlook.
Michael Pagehosted a media roundtable recently highlighting the challenges in meeting the high demand for cybersecurity professionals in Singapore.
A panel of experts, led by Associate Director of the technology practice at Michael Page, Ms. Shinjika Shukla, discussed the extent of the shortage in cybersecurity talent in Singapore, proposing potential solutions for companies to manage this gap, as well as the necessary skills and expertise that aspiring candidates should possess in order to become part of the cyber solution.
From a hiring perspective, up to 3,400 cybersecurity professionals are in demand by the year 2020 to fill roles in threat and vulnerability assessment, security management, and incident and crisis management in Singapore. Majority of these cybersecurity job openings are found in large MNCs, across the banking, finance, healthcare, and IT sectors.
Shukla pointed out that, “The key is in companies acting fast to hire or replace talent within cybersecurity as professionals often get multiple offers due to the talent crunch in our demanding market. Specialist recruitment firms play an essential role in bridging the needs of potential employees and prospective employers. With extensive industry knowledge to provide insights and advice, cybersecurity roles will be appropriately filled, and Singapore will be on track in defending as well as detecting cyber threats before they strike.”
Organisations face challenges in hiring suitable talent
Despite the huge number of available roles within security management, threat and vulnerability management across various functions, there are still insufficient professionals to take on the positions due to a skills mismatch.
In smaller organisations, the challenge lies in developing talent, where higher costs could be incurred when hiring experienced professionals. Therefore companies could also look towards fresh technology graduates who can learn from the ground up. The case of being overqualified for smaller roles and underqualified for specialised roles, along with other factors such as salary expectations, is a problem faced by many organisations when they are on the search for a new hire.
On ways that cybersecurity graduates can bridge the skills shortage, panelist Mr. Chen Kin Siong, Director at Insider Security, suggested that there are “Numerous online portals, such as GitHub, that allow aspiring cybersecurity professionals to showcase their own work – this approach can supplement years of professional experience, demonstrating a candidate’s abilities at handling code and working within a particular domain.”
Even for individuals who did not come from a cybersecurity background, such a way of building up experience proves to be effective, as roles in other IT domains have transferable skillsets that could be applied to cybersecurity roles. These include the ability to manage and communicate with both internal and external stakeholders, turning data into insights, and being able to make sound recommendations based on critical thinking processes to solve problems. With regards to roles that are well defined within an organisation, “On-the-job training is essential to learning the ropes,” added Chen.
Aside from having skills to handle technical issues and cyber threats, having a balance between soft skills and technical proficiencies will also help cybersecurity professionals better manage stakeholders and convey accurate messages on the extent of cyber threats in an organisation, especially in industries where IT is not a core service, such as banking and finance, or healthcare.
Shukla highlighted, “Organisations are not struggling to identify talent with the right technical skills, they are struggling to find talent with the right technical skills as well as attitude and aptitude. Simple reason, Cybercriminals are approaching the industry with humanised skillset hence it is pertinent to have the defence equipped the same way.”