National news from the last few years has shown that India is not well-prepared for cybersecurity attacks. According to a recent survey, India has the third-highest number of cyberattacks after Mexico and France. This has increased the demand for cybersecurity experts exponentially — so much so, that after data science, it has become one of the most sought-after jobs in India.
Many companies including startups and larger firms like Infosys, TCS, Wipro and HCL have begun to invest significantly in strengthening their cybersecurity segments. They are investing in establishing cyber defence centres, investment in technology, talents and training. What was once assumed to be a part of the IT department has now become a stand-alone division. As cybersecurity has grown into a separate vertical, it has a lot of open positions to be filled up.
The demand for cybersecurity professionals in India is on an all-time rise but despite having the largest information technology talent pool in the world, India is facing an acute talent shortage in this sector. That presents a huge opportunity for India and its IT services industry to reskill and fill the gaps.
India Has Huge Cybersecurity Talent Crunch
According to a survey, 59% of organisations have vacant cybersecurity positions suggesting a shortfall of 1.5 million by 2020 globally. Other reports have suggested that business leaders are in an urgent need for cybersecurity skills as the digital gap widens. In fact, 68% of organisations are demanding cybersecurity skills.
Actually, the demand for cybersecurity professionals has tripled in the last year and there are over 15,000 open positions for cybersecurity professionals spanning different industries.
This huge demand, in turn, has led to a sharp increase in the pay package of professionals who can fit the cybersecurity roles. Professionals are being paid anything from double their IT salaries to 10 times the average salary of an IT engineer to fill up this gap.
Popular Job Roles In Cybersecurity
There is a demand for beginner level roles to C-suite executives in cybersecurity who can overhaul the overall security strategy of a firm. Some of the popular roles that are picking up in cybersecurity are:
- Cybersecurity analyst
- Security architect
- Cybersecurity manager
- Chief information security officer
These profiles are aimed at aligning the organisational risk portfolio to manage the security posture with skilled resources. In fact, the required skills for these roles can range widely, such as:
- Access management
- Risk auditing
- Forensic sciences
- Network security
- Data analytics
- Data engineering
- Software development
But as cybercrimes get more complex, most candidates have only the basic training and certifications making them less competent in the market. Experts say that candidates need to look beyond ethical hacking to apply for these roles.
“Over a decade, the approach of ‘Security Management’ has drastically evolved from — run antivirus software>don’t write your password on sticky notes>don’t click on suspicious links — to personalised security controls, stringent threat analysis/management and regulatory enforcement,” Guru Patnaik, Director of Information Security, Zeoptap said.
Challenges On The Way
While many companies are trying to get the cybersecurity skills that exactly match their needs, they find it quite challenging to fill the seats. There are many companies who are investing heavy bucks on training their employees in cybersecurity, while there are several others who are averse to it. This remains one of the major challenges.
There is also a lack of training institutes that equips candidates with the required skills in cybersecurity. There are many institutes now that are catching up but there is still a visible shortage.
Even with the institutes present, the students or engineers are reluctant to spend on cybersecurity training and certification. The costing of the programme remains one of the major barriers, despite the fact that most cybersecurity candidates end up with good employment with good compensation.
What Are Companies Doing To Bridge The Talent Gap?
Many companies now have programmes and initiatives to reskill employees and bridge the huge talent gap that cybersecurity space faces. Infosys, for instance, has three cyber defence centres in India and is planning to open one in Europe and the US in the coming months.
HCL had also shared its plan to double the investment in cybersecurity space in India. It recently opened CyberSecurity Fusion Centre (CSFC) in Texas, which offers end-to-end cybersecurity solutions for enterprises and is bullish on the growth.
Other companies such as TCS and Wipro also have a huge focus on cybersecurity with training programmes in place to train employees in this field. Microsoft along with NASSCOM’s cybersecurity wing has launched ‘CyberShikshaa’ to skill women in this space.
Robert Bosch Engineering and Business Solutions encourage employees to join their cybersecurity community, where they are taught about detecting phishing emails and information on new threats are shared with them to make more aware.
CompTIA, a vendor-neutral IT certification body recently launched a training and certification programme titled, CompTIA PenTest +, to meet the rising demand for cybersecurity professionals in India.
There are other certified programmes such as Certified CISO (CCISO) programme which is one of the most recognised security certification programs aimed at producing top-level information security executives. In our recent interaction with Zeotap’s Guru Patnaik, he shared how it covers various aspects of cybersecurity such as governance, security risk management, control and audit management, security programme management among others.