Business Wire IndiaCybersecurity has been a growing concern in the last decade or so. It is, in fact, assessed to be a $6 trillion problem, which needs to be addressed at multiple levels. According to ‘Cost of a Data Breach Report’ from IBM, the average cost of a single data breach can be approximately valued at around $3.86 million.
In recent years, owing to a lingering pandemic, organisations had to evolve quickly and allow employees to use a hybrid model of work. This solved one set of challenges, while giving birth to a whole new set of subsequent problems.
In the hybrid model, while millions of employees worked from home, data transmitted on unsecured networks led to a massive spike in breach of security cases, worldwide. Not only was the data of organisations compromised by hackers and under threat of getting wiped out, but they were also made to pay millions in 'ransom' to recover it safely. The alarming situation created during the pandemic brought to fore a key element in cyber security - hiring certified and trained professionals to protect organisational systems. Organisations, across industries, realised how vulnerable they were to virtual attacks and felt the urgency to protect their data.
As per Vehere’s recently conducted exclusive survey:
More than half the organisations (64%) had one or more incidents of breach of security, which resulted in financial loss as well as fines. Almost 38% of organisations incurred losses that ran into millions of dollars. The vulnerability of their sophisticated systems, despite spending large sums for setting them up, exposed the need for increased protection and firewalls.
The 5 primary types of emerging bothersome cyber challenges are Ransomware attacks, IoT (Internet of Things) Attacks, Cloud Attacks, Phishing, Cryptocurrency & Blockchain attacks.
Challenges while hiring cyber professionals are plenty, finding certified and trained professionals who have experience and can stay on in the same organisation, as well as hiring the right person for specialised tasks and then ensuring that their skills are upgraded, is a challenge as well as an expense.
Disappointingly, women and minorities tend to not get jobs easily in this industry, due to biases. Quotas and training programmes are being put into place, to balance the situation.
Mr. Praveen Jaiswal, Founder and CSO of Vehere, said that “Cyber professionals are looking for jobs in organisations that take cyber-security seriously and value their opinions propelling a steady future career growth. They expect to be trained regularly for skill upgradation and have opportunities to nurture, learn and evolve within the organisation, in different roles.”
Certification is also a ‘key differentiator’, while countries like Singapore and Hong Kong find it relatively easier to hire qualified professionals, nations like Japan, Indonesia and Brazil struggle on that front. Worldwide, more than 90% of the organisations have claimed they would pay for an employee to get a certification in cyber security. Though experts may have similar skills, those with certification are usually preferred over their peers who don't have one.
Despite hiring cyber experts, organisations may not achieve complete security till all employees at various levels are made aware and trained at identifying threats, bugs and malware in the system. Currently, 56% of Asian leaders, almost 70% of federal governments and more than 60% of government organisations feel that most employees lack basic knowledge and awareness of how to protect themselves and their organisation's data. A quarter of the media organisations, as well as nearly 30% of local & state government organisations, do not have cyber awareness programmes in place. Almost 87% of the other organisations have implemented training programmes for generating cyber security awareness. However, the leaders of more than half these organisations believe that, despite training, their employees lack sufficient knowledge required for their roles.”
Roles that employers are typically looking for in present scenario are mostly certified professionals who not only specialise in the required field, but also have a diverse skill set. The demand for these professionals is growing and there are several takers for Cloud Security Specialist - 50%, Security Operations (SOC) Analysts - 42%, Security Administrators - 42%, Security Architects - 40%, Security Awareness and Training Administrators - 37%, Network Architects - 34%, DevSecOps Specialists - 32%, Incident Response Specialists -32%, Compliance Specialists - 27%, Penetration Testers - 27%, NOC Operators - 21% & others 1%.
In the coming years, when nearly all our personal and professional data goes online, individuals and organisations will have to be more alert, efficient and fierce in rapidly responding to any threat. The key to succeeding will lie in hiring not just certified experts, but building a strong team of people who stand by each other and the organisation. They would have to think beyond tech and invest in Training, certification and mentorship, Growth opportunities, Emerging security technologies, hiring people with niche skills, Building a team that has diverse specialisations, Developing a cybersecurity strategy - short term and long term, Analysing processes for risk assessment, Empowering individuals with knowledge, responsibilities and decision -making authority. Hiring is the first step, but retaining people is equally important next step. This is possible when all employees, irrespective of their role, are going to be provided opportunities to learn, grow and evolve with the organisation.
