A recent survey conducted by Fortinet, a global leader in cybersecurity solutions and services, showed that businesses across Asia are now facing challenges in recruiting and retaining cybersecurity talents.
In its 2022 Cybersecurity Skills Gap Report, the company reported that 72% out of more than 1,200 IT and cybersecurity experts it interviewed from 29 different locations in the Asia Pacific Region experienced at least one breach in the last 12 months. Respondents attributed this to a shortage in skilled personnel and to a lack of awareness about cybersecurity, which has put many companies at risk.
The increasing occurrence of security breaches has also resulted in financial losses for many businesses.
The study, which sought to understand cybersecurity professionals’ concerns around talent, recruitment, diversity, and security awareness, also found that in Asia, business organizations have been struggling to hire technology-qualified talents for cybersecurity — with dire consequences. Globally, almost 40% of the respondents said they’ve suffered breaches that had cost them more than US$1 million to remediate.
Critical security roles, including cloud security specialists (57%), security operations analysts (50%), and security administrators and architects (49%), were reported to be among the most sought-after roles in cybersecurity globally.
APAC businesses are not just actively looking to expand their cybersecurity workforce, they are now also looking to build more diverse teams.
Regionally, 90% of companies said they have explicit diversity goals as part of their hiring strategy, with 75% indicating having formal structures to specifically recruit more women, and 59% having strategies in place to hire minorities. Additionally, 65% of organizations said they have put in place efforts to hire more veterans.
APAC lagging behind in addressing cybersecurity workforce shortage
According to data from the 2021 International Information System Security Certification Consortium (ISC2), cybersecurity hiring trends differ greatly depending on an organization’s size. It estimates that the shortage of cybersecurity workforce has since reached 1.42 million in the Asia Pacific Region (APAC) – the largest regional workforce gap in the world.
Larger APAC enterprise employers remained relatively steady in their hiring demand, already surpassing pre-pandemic levels. Small and medium-sized enterprises (SMEs) and mid-market organizations in the region, on the other hand, were found to be lagging behind their global counterparts in the intent to hire, suggesting relative softness on the topic of cybersecurity.
This is despite a reported surge in cyberattacks and breaches across the region.
Check Point Software Technologies, an American-Israeli cybersecurity solutions provider, recorded a 168% year-on-year (YoY) increase in cyberattacks in the region in May 2021. On average, the firm estimates that an organization suffers from about 1,245 attacks on a weekly basis.
Leading American computer manufacturer IBM also observed that same phenomenon in 2021. X-Force, its security offering, was reported to have received 26% of attacks from Asia, making it the most-attacked region in the world.
Finance and insurance organizations were attacked most frequently in the region, making up 30% of the incidents that X-Force remediated, followed closely by manufacturing (29%). Professional and business services (13%), and transportation (10%) round up the tally. Japan, Australia, and India were also reported to be the most attacked countries in Asia.