India will be short of 3.5 million cybersecurity jobs by year-end

Is India ready to meet this demand and is it preparing a cybersecurity workforce for the unforeseen cyber future?

India is in dire need of cybersecurity professionals.

With several recent incidents of data breach, India’s cybersecurity jou­r­ney so far proves this demand.

But is the country ready to meet this demand and is it preparing a cybersecurity workforce for the unforeseen cyber future?

A report titled “India Cybersecurity Services Land­scape” by Nasscom-Data Secu­rity Council of India (DSCI) pred­icts that the Indian cy­b­er­security services industry would grow at a compound annual growth rate (CAGR) of about 21 per cent to touch $13.6 billion by 2025.

And by 2022, the industry, which gen­erated a cumulative revenue of about $4.3 billion in 2019, is expected to grow to $7.6 billion.

However, around 3.5 million jobs in the cybersecurity space will remain unfilled by the end of 2021.

What can be done to bridge the gap?

Hands-on training a challenge

Though there are some specia­lised courses available within and outside the country, hands-on training remains a challenge as most organisations are able to devise solutions only after an attack happens, says Govindraj Basatwar, head of Global Business for INKA Entworks, which specialises in digital rights management and mobile application security.

“The focus needs to be on proactively detecting and avoiding attacks.

"Security training experts should also increasingly work towards developing skills in the same area,” he says.

“Evolving tools in ethical hac­king, too, can contr­ibute tremendously to provide good use cases to emerging professionals.”

According to a study by job portal Indeed, cybersecurity jobs saw a jump of 6 per cent in May 2020, just when Covid-19 started impacting IT.

IT teams across sectors have also been planning to allocate more funds to fulfill their cybersecurity needs.

With 1.5 million software engineers produced every year, Indian IT does not lack in workforce.

However, when it comes to specialised talent, it’s really hard to find, says Raj N, founder of Zaggle (a B2B FinTech company) and ZikZuk (a neobanking platform).

While bridging this gap is a challenge, it is also an opportunity.

“Companies that are offering online courses should up their game in providing really great content and various course options to budding engineers,” Raj N says.

“Corpor­ations should invest heavily in training and creating a powerful security team.

"And finally, service companies should use this opportunity to build a strong and large pipeline of such professionals for start-ups and SMEs (small and medium-sized enterprises).”

Upskilling and reskilling

While India is beginning to bu­ild a workforce that is ready for future cybersecurity demands, what organisations and companies can do right now is upskill and reskill existing employees.

“Upskilling and reskilling to meet the growing demand for cybersecurity professionals is the only option available, considering that it takes time to get newly trained professionals on­line,” says R V Raghu, member, ISACA Emerging Trends Work­ing Group, and director at Ver­satilist Consulting India Pvt Ltd.

A dedicated cybersecurity training and research institute is the need of the hour, adds Sandip Kumar Panda, co-fou­n­der and CEO, Instasafe, a cloud-based security services solution provider.

“The government needs to be proactive when it comes to nurturing offensive and defensive cybersecurity capabilities, and the only way this can be done is by nurturing dedicated human resources and training them exclusively in such programmes.

"Elite institutes can include cybersecurity management, ethical hacking, and other cybersecurity oriented courses in their curriculum.

"Such measures will go a long way in solving the paucity of professionals in the cybersecurity field,” he adds.

As Covid-19 makes remote working a norm, and many organisations remain distracted, cyberattacks have increased and are likely to be reported more as digitalisation speeds up.

And so, Indian institutes must ensure a more prepared workforce that can meet cyber criminals at their game.

Indian IT must also gear up by making ready the existing workforce through in-office training and reskilling programmes.

While it might not be possible to know where the next breach will come from, remaining alert can certainly help.