SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Candidates
#
ISACA
ISACA results show security skills shortage dire, but Asia fares well
Wed, 15th Feb 2017
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

ISACA has put the global cybersecurity skills shortage under the microscope and shown that there's still a large gap between job openings and qualified candidates.

ISACA's Cybersecurity Nexus (CSX) conducted a study which found that 59% of organisations say they've received at least five applications for each cybersecurity opening, and only 13% receive 20 or more applications.

ISACA's State of Cyber Security 2017 report also shared more light into the crisis, as it found that fewer than one in four candidates have the required security qualifications that employers are looking for.

In Asia, however, the report found that employers are better positioned to find skilled candidates – 88% said they were able to fill open positions.

ISACA's CEO Matt Loeb says the results show a mismatch between what employers are looking for and what candidates are qualified to achieve.

“Employers are looking for candidates to make up for lost time but that doesn't necessarily mean a significant academic investment. Many organizations place more weight in real-world experience and performance-based certifications and training that require far less time than a full degree program,” he says.

The ISACA report also shows where managers' expectations are concentrated when they hire cybersecurity candidates:

  • 55% say practical, hands-on experience is the most important qualification
  • 69% say security certifications are required for their organisation, and these certifications are as important as formal education
  • 45% believe applicants don't understand the cybersecurity business
  • 25% believe current applicants lack technical skills

How do we close the gap? ISACA recommends five key areas where organisations should hire, assess and keep qualified employees

  • Invest in performance processes for hiring and retention
  • Create a culture of talent maximisation that doesn't impact the bottom line, such as alternative work arrangements, job rotation and investment in personnel growth and technical competency
  • Groom employees with similar skills to move into cybersecurity, for example application and network specialists
  • Use automation for security operational tasks where possible. This reduces overall staff burden and optimises current staff positions
  • Reach out to students and career changers. Consider internship programs.
Related stories
Mako boosts defence against cyber attacks with Radware's protection services
Appdome, Atlassian to automate secure mobile app delivery
Cado Security teams up with Wiz to bolster cloud security solutions
Survey finds half of businesses planning to adopt AI
The rising threat of search engine ad abuse
Top stories
Check Point boosts email security with new AI-powered features
SentinelOne makes it to CRN's inaugural AI 100 list
Upwind fortifies Cloud Security Platform with identity security
Singapore firms suffer downtime due to fibre network disruption
Genetec unveils Security Center SaaS for cloud & hybrid deployments