At least 91% of Indian organizations were targeted by ransomware attacks in 2022, according to the latest report shared by information security company CyberArk. In today’s digital landscape, the proliferation of cyber threats poses a significant challenge to businesses worldwide.
This underlines the need to improve enterprises’ security shields to build around themselves. A key aspect of this security bulwark is its robust tranche of experienced and qualified cybersecurity professionals who can protect their digital assets and thwart cybercriminals’ attacks.
The pressing need for skilled cybersecurity professionals has emerged as a critical concern. While, on the one hand, cybercriminals are constantly improving their tactics, organizations are staring at the formidable task of hiring and retaining a robust cybersecurity team.
A recent study conducted by TeamLease Digital revealed that despite 40,000 job openings for cybersecurity professionals as of May 2023, a staggering 30% of these vacancies still needed to be filled due to a significant shortage of skilled individuals. This emphasizes the stark gap between demand and supply in the cybersecurity workforce since an understaffed security team and a shortage of senior-level personnel make companies more susceptible to breaches. And Indian companies are feeling the pinch of this gap very acutely.
While the demand for cybersecurity professionals has skyrocketed in recent years, driven by the escalating frequency and sophistication of cyber-attacks, the supply of qualified personnel has yet to keep pace. As per the 2023 Global Cybersecurity Skills Gap report, 84% of the surveyed organizations in India said that the unfilled IT positions due to cyber skills shortage have led to additional cyber threats. This talent gap leaves numerous businesses needing help to recruit qualified personnel to protect their digital assets effectively.
Shailendra Shyam Sahasrabudhe, Country Manager, India, UAE and South East Asia, Cymulate Ltd stated, “Far too often we are working with a smaller staff than we would like and a wide array of skills sets. It is essential that solutions take this into consideration if they wish to be able to appeal to all cyber-maturity levels. For less experienced practitioners, the solution should provide value out of the box and increase cybersecurity offense and defense skills from day-to-day use. For higher-level cyber/maturity professionals, the solution should be open and customizable and liberate them from time-consuming tasks so they can focus on the more important things.”
The Evolving Threat Landscape
The rapid evolution of cyber threats requires a skilled and knowledgeable cybersecurity workforce to counteract the increasingly sophisticated attacks. Traditional security measures must be improved, as attackers continuously adapt and devise new methods to breach defences.
Skill sets like data privacy, cloud security, AI security, and network security are in high demand as organizations strive to safeguard their sensitive information and infrastructure from malicious actors. Understanding and combating emerging threats is crucial to maintaining robust cybersecurity. This has increased the demand for cybersecurity professionals with specific skill sets.
Chetan Jain, Founding Executive Director, and Managing Director, Inspira Enterprise, said, “In today’s era of extreme digitization, rampant data breaches and strict privacy regulations like the GDPR and CCPA, cybersecurity professionals play a pivotal role. By investing in the right cybersecurity talent, organizations will not only strengthen their digital infrastructure, safeguard confidential information, and uphold the trust of their stakeholders, but will also save millions of dollars. The cost of a security incident is pretty significant when you consider brand reputation, loss of trust, recovery time and the penalties. Skilled cybersecurity professionals are therefore vital for ensuring a stable and secure environment and providing robust protection against potentially devastating cyber-attacks.”
Mitish Chitnavis, CTO, iValue InfoSolutions noted that integrating artificial intelligence (AI) into various aspects of business operations introduces new security risks. Skilled professionals must understand and mitigate the vulnerabilities associated with AI algorithms, ensuring AI systems’ integrity, fairness, and security.
“As networks become more complex, professionals with expertise in network security are indispensable. They must possess in-depth knowledge of network protocols, firewalls, intrusion detection systems (IDS), and other security measures to identify and mitigate potential vulnerabilities within the network infrastructure. Along with technical expertise, Cybersecurity professionals also require a range of essential soft skills. Problem-solving capabilities enable them to analyze complex security incidents and develop effective solutions. Communication skills are vital in articulating security risks and strategies to non-technical stakeholders”. he opined.
Bridging The Gap, Mindfully
To bridge the skill gap, Indian enterprises must invest in skilling initiatives to nurture cybersecurity talent. This can be achieved through partnerships with educational institutions, industry certification programs, and internal training programs. Building robust internship programs and apprenticeships can provide hands-on experience to aspiring cybersecurity professionals and equip them with practical skills.
Rajarshi Bhattacharyya, Co-Founder, Chairman and Managing Director, ProcessIT Global, said, “Due to the ever-expanding threat landscape, there is a high demand for cybersecurity professionals. Skills shortage in this domain creates potential gaps in cybersecurity. Cyber Security jobs come with tremendous pressure compelling security experts to leave their profession and the demand continues to rise. Building skills in-house, partnering with managed security service providers (MSSPs), and automating routine tasks are some of the ways of mitigating the cybersecurity skill gaps. Sharing threat intelligence with other organizations can help in enhancing detection and response capabilities while reducing efforts. Initiatives should be taken by the government and business houses to inspire individuals to pursue careers in cybersecurity.”
Vinay Sharma, Regional Director, India and SAARC, NETSCOUT, said, “The increasing demand in the coming days for cloud security engineers, security software developers, and CISOs may not be fully met due to a shortage of skills. This skills gap challenge in cybersecurity which is present in organizations across the globe is unlikely to disappear soon. One of the ways to address this is to deploy AI and Automation as the primary line of defense in identifying security threats.”
As per the Fortinet report, 98% of Indian companies prefer recruiting cybersecurity professionals with tech-focused certifications, with over 80% of employers even ready to sponsor cybersecurity certifications for their workforce financially. Despite making these overtures, many companies still need help finding people with certificates.
The need for more skilled cybersecurity professionals poses a significant challenge to organizations facing an increasingly hostile cyber landscape. Investing in skilling initiatives and nurturing cybersecurity talent becomes imperative to address this gap, even though finding veterans in the sector is extremely difficult.
Another out-of-the-box initiative to address the ongoing skills gap is to partner with educational institutions that offer cybersecurity degree programs. This will provide them with a regular pipeline of fresh talent who can fill various cybersecurity roles.
“It is important to train and upskill existing employees, develop strategies to avoid burnout and ensure talent is retained within the organization”, added Mr Sharma, Regional Director, India and SAARC, NETSCOUT.
Organizations can fortify their digital infrastructure by developing a skilled and knowledgeable workforce, protecting sensitive data, and effectively mitigating evolving cyber threats. The importance of technical expertise, coupled with essential soft skills, ensures that cybersecurity professionals can adapt to the dynamic nature of the field. By bridging the skill gap, Indian enterprises can bolster their security posture, safeguard critical sectors, and pave the way for a secure and resilient digital future.