The eighth annual cybersecurity survey from reputed global IT association ISACA reveals an increase in cybersecurity hiring and retention challenges in the country, which ranks second only to the US in most security threats on cloud, according to McCafe Enterprise Advanced Threat Research Report,
According to ISACA’s new survey report,
State of Cybersecurity 2022: Global Update on Workforce Efforts, Resources and Cyber Operations, 60% of Indian organisations have unfilled cybersecurity positions. 42% report their organisation’s cybersecurity team is understaffed.
Even more concerning is that 59% believe that less than half of their applicants are well qualified for the position they are applying for.
Hiring and retention challenges: 63% of global respondents indicate they have unfilled cybersecurity positions and India reflects the same trend with 60% unfilled positions. 62% of India-based respondents say it takes three to six months for their organisations to find qualified cybersecurity candidates for open positions, compared to 47% globally.
For respondents in India, the top factors hiring managers use to determine whether a candidate is qualified are prior hands-on cybersecurity experience (77%), credentials (45%), and hands-on training (38%). Two in three (65%) respondents report difficulties retaining qualified cybersecurity professionals, a 14 percentage-point increase from 2021.
Discover the stories of your interest
Respondents from India indicate they are looking for a range of skills in candidates, noting the top skills gaps they see in today’s cybersecurity professionals are soft skills (53%), cloud computing (48%) and security controls implementation (42%).
Soft skills are also the second-highest skills gap cited for recent graduates (after security controls) and have seen an 11-percentage-point increase in perception as a skills gap among Indian respondents since 2021.
The top three most required security skills are cloud computing (51%), identity & access management (45%), and data protection (44%). Among the top soft skills deemed important are critical thinking (53%), communication (52%), and problem-solving (44%).
India-based respondents note that their organisations are undertaking multiple measures to decrease cybersecurity skills gaps such as training to allow non-security staff who are interested to move into security roles (58%), increased use of reskilling programmes (44%), increased usage of consultants and external staff (38%), and increased use of performance-based training (36%).
Chris Dimitriadis, ISACA’s chief global strategy officer, said in a release: “Challenges in hiring and retaining cybersecurity professionals have impacted organizations around the world for years, and have only become more complex amid the pandemic and larger shifts in the global workforce.”
He also added that ISACA is addressing those challenges globally by building a workforce of digital trust professionals, who have more holistic and correlated views from the adjacent professions of cybersecurity, IT audit, risk, privacy, and digital technology governance, while also offering state of the art tools in cyber maturity assessments.