Digitalisation is a speeding train with no signs of slowing down. However, like the rest of the world, Singapore is facing a shortage of cybersecurity professionals, exposing businesses to cyber threats. Recent high-profile cases further underscore the high demand for cybersecurity staff.
Despite the recent proliferation of tertiary education courses in cyber skills and heightened awareness of cyber security in the community, severe staff shortages persist, and successful cyber-attacks continue to rise.
Recent examples include a ransomware attack on a private eye clinic in Singapore, where the personal data and clinical information of up to 73,000 patients were affected. The information breached included names, addresses, contact details and clinical data.
Meanwhile, decision-makers have twigged that having the right set of skills and talent to manage cyber-attacks and data breaches is no longer just a technical challenge for the boffins in the backroom to manage.
Today, organisations of all sizes need to look for inventive ways to fill cyber security roles. Indeed, the federal government is leading the way, as the Cyber Security Agency (CSA) of Singapore helms the Singapore Cyber Talent initiative, which aims to reach out to a minimum of 20,000 individuals within the next three years.
They have also partnered with the Infocomm Media Development Authority (IMDA) in its pursuit of supporting both fresh and mid-career professionals in learning through training on the job.
The cyber skills shortfall
On top of our need for talent in the financial and technology industry, Singapore is experiencing a skills shortfall in the cyber security sphere. The CSA estimated a shortage reaching up to 3,400 cybersecurity professionals in 2020.
In Asia-Pacific, meanwhile, there is a workforce gap of approximately 2.6 million in the cybersecurity sector, according to research by the International Information System Security Certification Consortium (ISC)².
A major factor behind the shortage of cybersecurity professionals has been the rapidly increasing cybercrime activities.
According to Deloitte, cybercrime has adopted a cloud and managed service business model, which makes cybercrime an easy process that doesn't need any formal education to fully comprehend.
The use of cloud services and applications increasing the frequency of cybercrime created an urgent organisational need to advance cybersecurity measures, increasing the demand for cybersecurity experts.
The CSA further explained that skills such as cyber forensics, cyber risk management, security assessment and testing are in high demand. Furthermore, demand is increasing for cloud and IoT security, due to the rising number of devices connected to the internet for remote work.
While many organisations and educational institutions have begun initiatives to grow these skills, few businesses have the time or inclination to wait for a pipeline of new talent to become available sometime during the next five years.
They need cyber security leaders and workers with the knowledge and skills to tackle the myriad challenges this year will uncover, including managing remote and hybrid working, and the security issues associated with migration to the cloud. And they need them now.
Remuneration and technology are key
One option may be to augment your team with IT professionals who have skills aligned with security, such as network engineering or forensics.
Poaching is also a problem for many organisations. Human resources departments need to develop strategies to encourage cyber specialists to stay put. Organisations may also need to work harder to attract more women into the field.
Offering flexible working arrangements and family-friendly policies that support work-life balance is key to attracting and retaining top talent – both male and female.
Accessing international talent remotely is a potential interim solution to the skills shortage. However, there may be resistance in some organisations, from leaders chary about the wisdom of offshoring vital, sensitive work to organisations and individuals in foreign jurisdictions.
Remunerating security professionals, from the CISO down, providing them with a clear path for career advancement and publicly acknowledging the vital contribution they make to the enterprise can help keep your team onboard and onside. Make your organisation a fun place to work, reward your staff well and reap the benefits.
Adopting technology that provides your cyber specialists with greater insight into threats and makes it easier for them to detect and disarm advanced attacks before damage is done. It can also help to mitigate the threat posed by a shortage of bodies on the ground.
In 2021, the risk of falling victim to a cyberattack, e-crime or data breach is real and rising for Singaporean organisations. Any incident can be disruptive and expensive – and damaging to your enterprise’s reputation – particularly if customer data is compromised.
Ensuring you have the talent and tools that can stop you from becoming a statistic should be a high priority, now and into the future.