Demand for cybersecurity talent in Asia Pacific is surging, according to a new report.
(ISC)2 has released the findings of its 2022 (ISC)2 Cybersecurity Workforce Study, highlighting a stark increase in the shortage of cybersecurity professionals.
The global cybersecurity workforce is at an all-time high, with an estimated 4.7 million professionals, with Asia Pacific at 859,027.
Despite APAC representing the greatest regional growth at 15.6%, the data revealed a workforce gap of almost 2.2 million in the region, noting a 52.4% YoY increase.
Sixty percent of APAC respondents report their organisation having a significant shortage of cybersecurity staff. And more than half of respondents (56%) with workforce shortages feel that staff deficits put their organisation at a "moderate" or "extreme" risk of a cyberattack. For organisations looking to mitigate staff shortages, the research suggests that initiatives to train internal talent, rotating job assignments, mentorship programs and encouraging employees outside of IT or the security team to join the field were the most effective.
At the same time, the report finds that 71% of APAC respondents expect their cybersecurity staff to increase somewhat or significantly within the next 12 months. This is not far from the global average of 72%, which is the highest predicted growth rate compared to the last two years (53% in 2021 and 41% in 2020).
"Geopolitical tensions and macroeconomic instability, alongside high-profile data breaches and growing physical security challenges, have resulted in a greater focus on cybersecurity and the need for more professionals within the field," says Clar Rosso, CEO, (ISC)2.
"The study shows us that retaining and attracting strong talent is more important than ever. Professionals are saying loud and clear that corporate culture, experience, training and education investment, and mentorship are paramount to keeping teams motivated, engaged and effective," he says.
The study takes a closer look at cultural and demographic shifts over the last year. In addition to an analysis of the changing workforce, the study also highlights the top issues with retention, concerning workplace conditions such as burnout, the shift of racial, gender and ethnic diversity among younger cybersecurity professionals, the changing perception of certifications in the field, as well as the impacts from current events and future predictions of the cybersecurity workforce.
Key findings include:
75% of global respondents report strong job satisfaction and the same percentage feel passionate about cybersecurity work, yet 70% of global respondents still feel overworked.
While two-thirds of Singapore respondents (66%) agree that an increase in remote work has drastically changed how their organisation approaches cybersecurity, nearly half (46%) would consider switching jobs if they are no longer allowed to work remotely.
67% of Singapore respondents are investing in training to help prevent or mitigate cybersecurity staff shortages at their organisation.
63% of Singapore respondents agree cybersecurity hiring managers and HR collaborate well on developing roles and job descriptions for security staff at their organisation.
Of those that responded there was a shortage of cybersecurity staff, 67% of Singapore respondents say the biggest cause of this shortage is that their organisation cant find enough qualified talent.
Diversity, Equity and Inclusion
55% of global employees believe diversity will increase among their teams within two years.
Nearly 25% of global respondents below age 30 consider gatekeeping and generational tensions as top-five challenges for the next two years, compared to 6% of workers 60 or older.
47% of APAC respondents state that their organisation is investing in diversity, equity, and inclusion initiatives (e.g., attracting more women and minorities to enter the cybersecurity profession)
Changing Perceptions and Current Events
64% of global respondents seek new certifications for skills growth and stay current with security trends.
25% of APAC employees (Singapore: 30%) state that their organisation would increase their security budget as the result of a breach. However, only 18% (Singapore: 22%) state that their organisation would hire additional IT staff.
50% of APAC cybersecurity professionals are concerned about the skills shortage in the cybersecurity sector but this is considered a lesser risk compared to other regions.
26% of APAC organisations have been more focused on business continuity and resiliency due to impacts from the Russia-Ukraine war but this is low compared to other regions.