- 69 percent of those surveyed have difficulty retaining qualified cybersecurity professionals
New cybersecurity data hones in on where cybersecurity pros come up short, with soft skills, cloud computing, and security controls emerging as the biggest skills gaps in today’s cybersecurity professionals globally and in India, according to ISACA’s annual research report, State of Cybersecurity 2023, Global Update on Workforce Efforts, Resources and Cyberoperations.
Forty percent of Indian respondents say their cybersecurity teams are understaffed, according to the ninth annual survey—which explores the latest cybersecurity threat landscape, hiring challenges and opportunities, and budgets, with insights from 113 security leaders in India. The report, sponsored by Adobe, also shows that 54 percent of respondents indicated that they have job openings for non-entry level roles, compared to 20 percent with job openings for entry-level positions.
Staffing and Skills
The research indicates some strides have been made in addressing employee retention, but it continues to be a challenge. Sixty-nine percent of survey respondents in India say they have difficulty retaining qualified cybersecurity professionals.
Globally, continuing to reduce retention woes may be difficult given that benefits offered to cybersecurity pros have been declining—potentially driven by economic uncertainty. According to respondents worldwide, university tuition reimbursement dropped five percentage points to 28 percent, recruitment bonuses fell two percentage points, and reimbursement of certification fees dropped by a percentage point, compared to 2022.
When hiring, India-based respondents say they are looking for the following top five technical skills in cybersecurity pros:
- Cloud Computing: 46%
- Penetration Testing: 42%
- Forensics: 38%
- Identity and access management: 38%
- Data protection: 38%
When looking at the cybersecurity threat landscape, nearly 55 percent of Indian respondents indicate that their organization is experiencing more cyberattacks compared to a year ago. Despite the difficult threat landscape, 63 percent are very or completely confident in their cybersecurity team’s ability to detect and respond to cyber threats.
- Advanced persistent threats (11 percent)
- Ransomware (10 percent)
- Security misconfiguration (10 percent)
- Unpatched system (10 percent)
- Denial of service (9 percent)
- Sensitive data exposure (9 percent)
A complimentary copy of the State of Cybersecurity 2023 survey report can be accessed at www.isaca.org/state-of-
About ISACA
ISACA® (www.isaca.org) is a global community advancing individuals and organizations in their pursuit of digital trust. For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its more than 165,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through its foundation One In Tech, ISACA supports IT education and career pathways for under resourced and underrepresented populations.