Fortinet, the global cybersecurity leader driving the convergence of networking and security, recently released its 2023 Global Cybersecurity Skills Gap Report, which reveals ongoing challenges related to the cybersecurity skills shortage affecting organizations worldwide. Key findings from the global report include:
- The cybersecurity skills shortage has contributed to critical IT positions not being filled, which increases organizations’ cyber risks, such as breaches.
- Cybersecurity remains a priority for boards of directors and there is executive demand for increased IT security headcount.
- Technology-focused certifications are highly regarded by employers, serving as validation of skill sets.
- Organizations recognize the advantage of recruiting and retaining diverse talent to help address the skills shortage, but doing so has presented a challenge.
The Costly Reality of the Increasing Cybersecurity Skills Gap
An estimated 3.4 million professionals are needed to fill the global cybersecurity workforce gap. At the same time, the 2023 Global Cybersecurity Skills Gap Report found that the number of Indonesian organizations experiencing five or more breaches increased to 48%. from 2021 to 2022. This was a lower decrease as compared to the global organizations (53%). One repercussion of this is that many short-staffed cybersecurity teams are burdened and strained as they try to keep up with thousands of daily threat alerts and attempt to manage disparate solutions to properly protect their organization’s devices and data.
Additionally, as a result of unfilled IT positions due to the cyber skills shortage, the report also found that 82% of Indonesia organizations indicate they face additional cyber risks. Other findings highlighting increased cyber risks that could be partially attributed to the talent shortage include:
- Security intrusions are increasing: One resulting cyber risk is increased breaches, with 94% of local organizations experiencing one or more cybersecurity intrusions in the past 12 months, up from 72% from last year.
- More organizations were impacted financially due to breaches: More than 66% of local organizations suffered breaches in the past 12 months that cost more than $1 million to remediate, Globally, there were nearly 50% of such attacks, which is an increase from 38% of organizations compared to last year’s report.
- Cyberattacks will continue to increase: At the same time, 66% of local organizations expect the number of cyberattacks to increase over the next 12 months, further compounding the need to fill crucial cyber positions to help strengthen organizations’ security postures. Indonesia organizations expect a higher increase in the number of attacks as compared to global organizations (65%).
- The skills gap is a top concern for boards of directors: The report demonstrated that all boards of directors in Indonesia are asking how the organization is protecting against cyberattacks. At the same time, 87% of boards among Indonesia companies are advocating for hiring more IT security staff, emphasizing the demand for security talent.
- Hardest roles to fill in cybersecurity: Roles in security operations (56%), Cloud security (48%), followed by software development security (40%) are the hardest to fill in Indonesia.
Upskilling Security Professionals and Developing More Talent with Training
The report also suggested that employers recognize how training and certifications can benefit their organization in addressing the skills gap, while also serving as an advantage for anyone looking to advance in their current security profession, as well as for individuals considering transitioning into the field. Below are additional highlights from the report around training:
- Certifications are sought after by employers: Beyond experience, employers view certifications and training as reliable validation of an individual’s skill set with 96% local business leaders preferring to hire individuals with technology-focused certifications . Additionally, 88% of Indonesia respondents would pay for an employee to get a cybersecurity certification.
- Certifications benefit both organizations and individuals. Almost all of the Indonesia report respondents (90%) indicated their organization would benefit from cybersecurity certifications while globally 95% of business leaders have experienced positive results from either their team or themselves being certified.
- Not enough professionals are certified: While certifications are highly regarded, 78% of Indonesia respondents said it is difficult to find people with certifications.
Increasing Opportunities for Women, Veterans and Other Populations Can Help Solve the Skills Gap
While the report demonstrated that organizations are seeking ways to tap into new talent pools to fill cybersecurity roles, with 8 out of 10 organizations having diversity goals as part of their hiring practices,84% of Indonesia organizations indicate they have difficulty finding qualified candidates who are women, military veterans, or from minority backgrounds.
- The report suggested that there was a decrease in veterans being hired compared to last year, with the number of organizations indicating they hired local military veterans dropping from 65% in 2021 to 50% in 2022.
- At the same time, the report shows there was only a 4% increase year-over-year in local organizations hiring women and minorities (59% in 2021 and24% (Indonesia: 24%) in 2022).
According to Edwin Lim, Country Director of Indonesia, Fortinet,in Indonesia, the need to recognize cybersecurity as a board-level concern has become increasingly urgent. Over 66% of Indonesian organizations have reported cyber breaches in the past year, incurring costs of more than USD 1 million for remediation.
“In response to this trend, Indonesian boards are prioritizing the hiring of IT security personnel, with 87% advocating for their inclusion in their organizations. To bolster the country’s cybersecurity posture and address the skills gap, the National Cyber and Crypto Agency (BSSN) has updated the National Cyber Security Strategy Concept as a crucial component of national security in response to technological advancements. Fortinet, as a leading cybersecurity solutions provider, is committed to collaborating closely with the BSSN and other governmental organizations to enhance Indonesia’s cybersecurity resilience.”
