FORTINET has released the Asia findings of its global 2022 Cybersecurity Skills Gap Report during its Accelerate Asia 2022 roadshow Malaysian Edition.
The report, among others, reveals that the cybersecurity skills shortage continues to have multiple challenges and repercussions for organisations in Asia.
In presenting the report, Fortinet's vice president of marketing and communications for Asia Rashish Pandey said talent shortage indirectly caused security breaches and subsequently loss of money. As a result, the skills gap remains a top concern for C-level executives and is increasingly becoming a board-level priority for most organisations surveyed.
Across Asia, 89 per cent of organisations reported that their board asks questions specifically about cybersecurity with 79 per cent recommended increasing the IT and cybersecurity headcount.
To hire, most companies look for certified professionals and it is shown in the regional report where 86 per cent of respondents prefer to hire people with certifications and 97 per cent believe technology-focused certifications positively impact their role and team.
However, according to the International Information System Security Certification Consortium's 2021 Cyber Workforce Report, the Asia-Pacific has the largest regional workforce gap of 1.42 million. Even though the workforce gap for Asia-Pacific decreased from the previous year, much needs to be done.
"Our Southeast Asia and Hong Kong survey as part of a global report shows that 71 per cent of participating companies are facing difficulty in hiring technology-qualified talents for cybersecurity, with 63 per cent agreeing that this skill shortage results in severe cybersecurity consequences for the business," said Pandey.
CERTIFIED SKILLS
The report, which surveyed IT and cybersecurity decision makers across countries such as Singapore, Thailand, Hong Kong, Philippines, Malaysia and Indonesia also suggests ways the skills gap can be addressed, such as through training and certifications to increase employees' education.
One major reason for certifications being highly regarded is due to their validation of increased cybersecurity knowledge and awareness and to add on to why certification is important, 89 per cent of respondents shared that they are willing to pay for an employee to achieve cyber certifications.
According to Pandey, Fortinet's skills gap report demonstrated that training and certifications are critical ways organisations seek to further tackle the skills gap and to address this, the company pledged to train more workers under its training programme.
"As more organisations adopt technology such as cloud and automation, the issue of a lack of cybersecurity experts has been exacerbated. Committed to addressing this skill gap, Fortinet's Training Advancement Agenda (TAA) and Training Institute programmes were established to increase access and reach of its cybersecurity certifications and training which are deemed important to hiring organisations, as shown in the survey.
"Fortinet has pledged to train one million professionals by 2026, and through working with local partners, we have succeeded in issuing more than 840,000 certifications since the inception of the programme," shared Pandey.
Besides valuing certifications, 93 per cent of organisations have implemented a training programme to increase cyber awareness.
However, 51 per cent of leaders believe their employees still lack necessary knowledge, which raises questions about how effective their current security awareness programmes are.
For organisations looking for security awareness training, Fortinet offers a Security Awareness and Training service through the award-winning Fortinet Training Institute. The service further protects organisations' critical digital assets from cyber threats by building employee cybersecurity awareness.
This service receives updates from Fortinet's FortiGuard Labs threat intelligence so that employees are learning and keeping up with the latest evolving cyberattack methods to prevent company breaches and risks from being introduced.
HIRING THE RIGHT SKILLS SET
One of the main challenges for organisations is finding and retaining the right people to fill critical security roles ranging from cloud security specialists to SOC analysts.
The report found that 60 per cent of leaders in Asia admit their organisation struggles with recruitment and 57 per cent struggle to retain talent.
Among hiring challenges is the recruitment of women, new college graduates and minorities. Regionally, 76 per cent of organisations see the recruitment of new graduates as the top hiring hurdle, followed by 75 per cent of leaders for the recruitment of women.
Recognising the urgent need for cybersecurity talent in Malaysia, Fortinet Malaysia country manager Dickson Woo said that the company is currently working with Malaysian academia and industry partners "to provide training and certifications to build the next generations of cybersecurity talents".
"Our collaboration with Malaysian academia and industry partners to provide training and certifications is fundamental to such efforts and fortifies our commitment to shaping the next generation of cybersecurity talents in the country.
"As we witness the pivotal recovery in our nation's digital economy, the road ahead is opportune as Malaysians have a more profound awareness of modern threats in the new cyber age. Malaysia has recorded a need for 20,000 professionals in the cybersecurity workforce by 2025," shared Woo adding that improving the urgency of local organisations to hire a diverse group of professionals is highly important too, especially in the cybersecurity industry.
THE MINORITY CHALLENGE
As organisations look to build more capable and more diverse teams, 90 per cent of Asian companies have explicit diversity goals as part of their hiring strategy, according to the report.
"To close the skills gap, it is also crucial for organisations to commit to continuous training and re-training, to develop a diverse group of cybersecurity professionals who can help safeguard Malaysia enterprises against sophisticated and destructive attacks," said Woo.
The report also showed that 62 per cent of the respondents said that hiring minorities, including women and retired professionals, have been challenging for them.
Despite the challenges, 75 per cent of organisations surveyed have formal structures to specifically recruit more women and 59 per cent have strategies in place to hire minorities.
Additionally, 65 per cent of organisations have efforts in place to hire more veterans.