India is in dire need of cybersecurity professionals. Can upskilling and reskilling help India bridge the gap between supply and demand?
The pandemic-infused technology adoption and remote working among organizations in India is a sudden change in the ecosystem, which has had no preparation in fortifying its systems. It´s no wonder that India and countries around the globe have witnessed a huge spurt in cyberattacks, read Mobikwik, Domino´s India, and Upstox.
According to Kaspersky’s telemetry, July 2020 saw India record its highest number of cyberattacks at 4.5 million. A year after the pandemic started, in February 2021, India witnessed 377.5 million brute-force attacks, a number much higher than the 93.1 million witnessed at the start of 2020. India experienced 9.04 million attacks in February 2021 itself.
While the answer for organizations is hiring new cybersecurity talent, where to find them is a dilemma for recruiters.
As of the end of 2020, India faced an estimated shortage of 1.5 million cybersecurity professionals. In fact, almost 95% of businesses in the Asia Pacific region lack adequate cybersecurity practices in place, according to a report by Michael Page India titled The Humans of Cybersecurity. The report says that the cybersecurity field is currently undergoing a 43% talent shortage, with cybercrime going up by 600% in the APAC region.
How can India fill this market gap in time to fend off cyber attacks that seem imminent in the face of technological adoption?
R.V. Raghu, Member, ISACA Emerging Trends Working Group; Director at Versatilist Consulting India Pvt. Ltd., told The Tech Panda that upskilling and reskilling to meet the growing demand for cybersecurity professionals is the only option available considering it takes time to get newly trained professionals online.
Learning is a lifelong process, and it is only through continuous upskilling that can one stay relevant in the job market. Today, upskilling is not an option but a necessity
“Professionals are learning and getting certified. Companies too, on their part, are running skilling programs for their existing workforce to bridge the demand supply gap. However, the most important aspect to upskilling and reskilling is in taking up courses that are relevant and that will meet both the current and the future need,” he says.
“Needless to say, learning is a lifelong process, and it is only through continuous upskilling that can one stay relevant in the job market. Today, upskilling is not an option but a necessity,” he adds.
As with All Else COVID Makes it Worse
Among a host of new and emerging technologies in India, cybersecurity has gained prominence over the last few years. Still undoubtedly, the COVID-19 pandemic has further accelerated the need for cybersecurity professionals. The COVID-led shift to remote working has made India more vulnerable to many forms of cyberattacks.
According to a survey conducted by ISACA, 58% of respondents say threat actors are taking advantage of the pandemic to disrupt organizations, and 92% say cyberattacks on individuals are increasing. However, the supply is far from meeting this demand, posing a dire need for upskilling of existing employees to address this need.
Beyond the pandemic, cybersecurity professionals will need to continue to upskill to keep up with the constantly evolving threat landscape, which includes cyberthreats from emerging technologies
According to a Sophos survey, 60% of the organizations in India have said they had difficulty in recruiting people with required skills.
“Many statistics indicate the need for skilled human capital in this space, which upskilling and reskilling can effectively address. However, beyond the pandemic, cybersecurity professionals will need to continue to upskill to keep up with the constantly evolving threat landscape, which includes cyberthreats from emerging technologies,” says Raghu.
“In a post-pandemic world, continuous learning and training will remain important to ensure cybersecurity teams are able to stay ahead of these and other new types of cyberattacks that are on the horizon,” he adds.
Is India Ready?
Do traditional college degrees in India enable adequate cybersecurity courses for the next generation of security professionals?
The entire sphere of IT, including cybersecurity, is dynamic and a continuously evolving one with new developments coming almost every day. Over the last few years, educational institutions have started offering specialized cybersecurity courses at undergraduate and post graduate levels.
Even in the US, a country that abounds with cybersecurity talent and skills, only a small fraction of colleges provides cybersecurity-focused courses for college students. The case for India is easily estimated to be worse.
However, Raghu says, the need requires a more targeted intervention through courses outside of college, which address the current need and requirement and a curriculum that is in tune with the emerging technologies and internationally driven.
Even in the US, a country that abounds with cybersecurity talent and skills, only a small fraction of colleges provides cybersecurity-focused courses for college students. The case for India is easily estimated to be worse.
Also, since new kinds of attacks are cropping up every month, how do college degrees keep up? How can they ensure that courses are up to date with how cyber criminals think?
This again indicates that upskilling and reskilling has to become a part of the workforce in every ecosystem. So, will India be ready soon with a workforce skilled in cybersecurity?
Raghu predicts that India is poised to increase the availability of a workforce skilled in cybersecurity.
“Multiple stakeholders are working towards this, including students, young professionals, and established professionals themselves. This is being accelerated by the availability of certifications and courses with international recognition, such as ISACA’s ITCA and Certified in Emerging Technology (CET), enabling the additions of skills and knowledge commensurate to professional and job requirements while also keeping pace with emerging technologies,” he says.
The Courses to Go For
What kind of upskilling and reskilling programs can prepare existing or future employees for cybersecurity jobs and tasks?
Skills such as Application Development Security, Cloud Security Risk Management, Threat Intelligence, Data Privacy and Security are becoming the most in-demand in the APAC region.
There are numerous upskilling and reskilling programs and courses offered by many organizations and associations to help professionals learn, acquire new skills, and stay relevant in the job market and keep moving up the value chain.
The pandemic-infused technology adoption and remote working among organizations in India is a sudden change in the ecosystem, which has had no preparation in fortifying its systems
For instance, ISACA’s newly launched Information Technology Certified Associate (ITCA) certification is globally recognized. The certification offers students, recent graduates, those new to the IT profession or professionals seeking a career change, with a flexible, hybrid format, consisting of both knowledge-based learning and performance-based learning, through live labs in a virtual environment.
The certification can be achieved at one’s own pace, by completing five modular certificates that focus on different domain areas in IT, including cybersecurity—which can also be earned separately or stacked in different ways:
- Computing fundamentals
- Networks and infrastructure fundamentals
- Cybersecurity fundamentals
- Software development fundamentals
- Data science fundamentals
Those who then want to advance their cybersecurity skills further can consider pursuing ISACA’s CSX Cybersecurity Practitioner (CSX-P) certification, which tests professionals’ ability to perform globally validated cybersecurity skills in a live virtual environment.
Cybersecurity education tools are also developing outside of the traditional classroom, offering free coursework designed by ethical hackers. One such course is the Great Learning’s Cybersecurity program, a six-month online program.
Designed by the Stanford Advanced Computer Security Program, the course delivers a hands-on learning approach. The Stanford faculty crafted course ensures skills that include security design, cryptography, penetration testing, network security emerging threats and defence systems, and some practical skills.
Staying Ahead of the Cybercriminal
India is heading towards crises far greater than what we have seen so far if the country´s dire need for cybersecurity professionals is not met. The pandemic has accelerated tech adoption, resulting in a sharp spike in cyberattacks.
Read more: Enterprises Can Embrace Digitalization to Safeguard Their Businesses from New-Age Cyberattacks
Apart from college level courses, upskilling and reskilling can ensure that professionals from all industries are ready to face the challenges that are to come. There is a need to streamline such learning to ensure greater benefits for a longer time. A hands-on approach can ensure our industries stay ahead of the cybercriminal.