The ongoing cybersecurity skills gap is a global problem.
In the US, the Bureau of Labor statistics shows that the number of graduate-level security experts needed will rise by 37 percent in the next decade, double the rate of the IT sector overall. For now, that leaves a widening gap in the number of IT security experts needed to manage a greater number of threats. And security sprawl is adding to the challenge globally – with a growing number of security technology products and an increasing number of security vendors and management consoles.
In Europe, much of the skills shortage can be attributed to the move towards offshoring technology operations to India in the mid-90s. As a result, between 1998 and 2000, it’s estimated that 70 percent fewer graduates attended courses that were core to entering IT professions – such as science, technology, engineering and maths (STEM). The result is a skills gap that may take generations to fill – 20 years according to the UK’s National Audit Office.
There are too many threats and not enough professionals. Whatever the reason for the shortage in IT security professionals, organisations are faced with a growing volume of threats. The bad guys are highly skilled, well organised and tenacious, while organisations are, in the main, under skilled and undermanned.
Click here to read our full In View on the growing global skills gap in cybersecurity and find out what we recommend organisations can do to fill the gap.
Singapore must work to plug a “big” cyber security skills gap, the Chief Executive Officer of the Singapore Cyber Security Agency has said. “There is a big shortfall of cyber security professionals”, David Koh told GovInsider. In Singapore, “there is a shortage of about 1,000 professionals today”, he said. The agency expects the demand to double to 9,700 by 2021. The CSA has found particular areas where there needs to be greater training and developing: penetration testing, vulnerability assessment, incident response, digital forensics and malware analysis. Last month, the agency partnered with CREST, a technical information and security accreditation body to introduce penetration testing certifications and accreditations in Singapore.