In S.Africa The Cybersecurity Skills Gap Is A Chasm

The digital landscape has grown at a rapid pace over the past 10 years, says Vikas Kapoor, Practice head, Cybersecurity and GRC at In2IT Technologies.

The sheer scale of our connected, digital world means that the scope for cyber-crime has also broadened. As each new technology is unveiled, it introduces a new security risk.

South Africa 3rd most Cyber-Attacked Country
South Africa has seen a steady rise in cyber-crime, jumping to rank as the 3rd most cyber attacked country in the world out of 117 countries. The situation is dire, and not helped by their vast shortage of cyber security skills. Cyber security professionals are constantly having to play catch up, and the development of cyber security skills is simply not keeping pace with digital and technological expansion, a lack which cyber criminals are capitalising on.

Mind the Gap
This skills shortage is not confined to South African borders, and countries across the globe face similar challenges. The highly publicised global security breaches of this past year point to an increase in the prevalence of the likes of ransomware, a malware that keeps evolving to find new ways to penetrate and attack networks. As fast as cyber security measures improve to bridge current security gaps, so does cyber threats, resulting in a continuous shortfall of suitably skilled people capable of properly protecting networks from intrusion. Beyond the vast size of growing security concerns, another contributor to the dire shortage of skills in this critical sector is time. 

Becoming a knowledgeable expert in cyber security takes a considerable investment of time spent learning various technologies and systems, and understanding how they integrate. 

It takes time to build a pool of skilled resources, including time spent in the classroom, to time spent garnering experience protecting live networks. Unfortunately, the cyber security space is already on the back foot and time is of the essence. Cybersecurity experts require more than just the skills taught in a classroom. They also require a mindset that thirsts for knowledge on security threats. It's more than simply understanding how to protect a network but, also, what to protect it from.  The ability to navigate and understand the dark Web, or what new cyber security threats are emerging goes a long way towards a building proactive, security-centric mindset.

Fill the Gap
The challenge for businesses is that they do not necessarily have the right in house skills to cater to their growing cyber security needs. Furthermore, they may not have the right knowledge to hire people with the right skills either. There is a distinct gap in the market for recruitment agencies that specialise in the cyber security industry. Organisations that are tackling this recruitment process themselves, need to ensure they are opting for individuals who possess the full package: suitable cyber security certifications, experience with multiple environments and the security-centric mindset. 

However, such individuals are, for now, few and far between.

Organisations can look to co-sourced services to address their cyber security needs, partnering with experienced outsource partners to supplement their own teams, thus building on their skills while benefitting from the expertise of experts. From a national perspective, South Africa needs to begin addressing the skills gap before we can start to reduce our chances of cyber-attack. 

The United States of America have developed their NICE Cybersecurity Workforce Framework which details a framework around categorising, organising, and describing cybersecurity work into various roles and areas. 
South Africa, at a national level, should be looking to develop a similar initiative. Government led initiatives around building specific learning centres or training facilities for the development of cyber security skills would also go a long way padding skills development.

Additional encouragement of careers in this field can also be attained through offering tax breaks for students pursuing cyber security studies, or organisations who invest in programmes for cyber security development. 
Perhaps even encouraging the bringing in of talent from outside of our borders, in order to supplement our skills pool as well as increase our knowledge base.

It's a matter of time before South Africa feels the full brunt of being a cybercrime target. We need to act now to begin to address this gap before cyber-crime affects our economy and our reputation.

ITWeb

You Might Also Read: 

Three Most In-Demand Cybersecurity Jobs:

S. Africa’s Model For Cybesecurity:

South Africa: Serious About Cyberwarfare:

« Cyber Attacks Rank Alongside Natural Disasters
Drones: A Crowd-Management Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Shearwater Group

Shearwater Group

Shearwater Group is an award-winning organisational resilience group that provides cyber security, advisory and managed security services to help secure businesses in a connected global economy.

ContraForce

ContraForce

ContraForce is a threat detection and response software providing complete visibility across cloud, network, endpoints, user, and email with the ability to target and block threats in real-time.

ActZero

ActZero

ActZero’s security platform leverages proprietary AI-based systems and full-stack visibility to detect, analyze, contain, and disrupt threats.

Knowledge Lens

Knowledge Lens

Knowledge Lens builds innovative solutions on niche technology areas such as Big Data Analytics, Data Science, Artificial Intelligence, Internet of Things, Augmented Reality, and Blockchain.

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

CyberQP

CyberQP

CyberQP (formerly Quickpass Cybersecurity) provide Privileged Access Management built for MSPs. Our system is designed to reduce ransomware and social engineering attack risks.

GuardYoo

GuardYoo

GuardYoo's SaaS platform allows cybersecurity professionals to perform Compromise Assessment remotely from anywhere in the world.

Crayon

Crayon

Crayon is a customer-centric innovation and IT services company. We provide guidance on the best solutions for our clients’ business needs and budget with software, cloud, AI and big data.

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.