Skilled migration: A new paradigm for Government

Reskill for Cyber skills

by Raymond Teo, Martijn Schouten, Jocelle Fernandes - June 2022

_{Share this article}

The shortage of cybersecurity talent is reaching critical levels and leaders are struggling to fill roles and keep organisations safe. But the answer might be closer than many think. Reskilling offers a pathway out of the talent crisis while providing hope to disrupted employees.

Spurred on by the COVID-19 pandemic, leaders everywhere are accelerating their organisation’s digital transformation at an unprecedented rate. We are using AI to automate processes, Cloud to give us data at our fingertips, and IoT to let us work anywhere and anytime. However, the flip-side of technology is its sheer complexity and the subsequent vulnerability it exposes organisations to. This dilemma has leaders worried. CEOs ranked cyber risks as the number one threat to growth in PwC’s 2022 Global CEO Survey¹. More than half of the respondents to PwC’s 2022 Digital Trust Insights Survey² expect cybercrime to increase and are actively looking to bring on more resources to deal with it. 

But there’s a problem. When it comes to the talent needed to keep our companies safe, we're not just talking about a shortage – we’re seeing a talent crisis. Although one in two executives say they plan to add full-time cybersecurity staff, the talent is simply not available. Research firm Cybersecurity Ventures estimated that 3.5 million cybersecurity jobs went unfulfilled in 2021 globally. According to the Cybersecurity Workforce Study³, the global cybersecurity workforce needs to grow by 65% to effectively defend critical organisational assets. 

Asia-Pacific is not immune from this talent crisis. A report commissioned by Amazon Web Services found the number of workers requiring digital skills needs to increase five-fold to meet market demand by 2025⁴ in Singapore, Australia, India, Indonesia, Japan, and South Korea. Indonesia and Malaysia have flagged a concerning need for cybersecurity talent in particular. Each of these countries faces a range of unique challenges. A key issue for Australia, for example, is that only Australian citizens can work in Commonwealth Government cybersecurity roles. 

Existing workforce under pressure

Another factor adding to the cybersecurity talent crunch is The Great Resignation or Great Reset. This trend is most evident in the US, where record-high numbers of resignations were reported in the wake of the pandemic. However, in the Asia-Pacific, it appears that Resignation is not that Great. The number of voluntary resignations in Singapore, for instance, is no higher in 2021 compared to 2020 or 2019⁵. What’s changed is the reasons given for resigning, which are now typically over ‘long working hours’ and ‘demanding work’, rather than for a promotion or new challenges. 

The shortage of cybersecurity talent also puts pressure on the well-being and sentiments of existing cybersecurity workers. A recent survey by Vectra AI found that more than half (51%) of the information security professionals they spoke to have suffered depression, anger, or anxiety due to feeling overwhelmed by work⁶. A further 56% have had sleepless nights worrying about work, and 42% have called in sick because they couldn’t face work. All security professionals (94% of respondents) felt increased pressure to keep their company safe from cyberattacks in the past year.

The case for reskilling

Cybersecurity professionals, organisations and industry associations are acutely aware of the talent crisis and the pressure felt by workers. For some time, they have advocated for prioritising the recalibration of skills, increasing focus on building capability and capacity locally, and facilitating shifts in leadership skills of cybersecurity professionals to include empathy and a willingness to embrace debate along with growth. But clearly, more needs to be done. It’s time for organisations to seriously consider reskilling and redeploying existing employees into cybersecurity roles to close the existing capacity and capability gap.

The case for reskilling has been clear for a while. Intelligent automation, digital disruption, and the need to move more transaction work to lower cost hubs has been reshaping the world of work even well before COVID-19 forced us to work from home. The World Economic Forum continues to reveal staggering numbers of jobs that will be displaced over the next few years and refers to a ‘double-disruption’ due to the pandemic⁷. While tens of millions of jobs will be displaced in the next decade, we still live in a world in which hundreds of millions of jobs are being created. This underlines the need to reskill workers in roles that are disrupted or even being displaced into roles that are critical and in demand. 

Opportunities in financial services

Financial services is particularly susceptible to technology-driven disruption. Over the next few years, it is expected that millions of jobs will be displaced across the Asia-Pacific region. With banks pushing digital transformation and branches shutting down, traditional roles such as bank tellers, branch operations executives, credit and loan officers and transaction banking operations will diminish dramatically. 

But why not reskill and redeploy these employees into cyber roles? Consider the opportunities for branch operations executives. These workers are likely to have a foundation of transferable skills in people development, negotiation, stakeholder management, knowledge of banking and customer services. With targeted training in cyber security, visualisation, and application development, it’s possible to create a transition pathway to move a branch operations officer into a cyber defense office role. Similarly, a quality assurance analyst has skills in monitoring and surveillance, ethics, anti-money laundering and financial crime. With training in ICT security, data collection and analysis, computational modeling, and data analysis you could create a transition pathway into a cyber security role. 

Five questions to beat the talent crisis 

Any crisis also contains within it an opportunity to design a new normal and emerge stronger. By adopting new and unconventional workforce strategies, such as reskilling and redeployment, leaders can both address cybersecurity talent crisis and give new hopes to disrupted employees. PwC’s 2021 Hopes & Fears Survey⁸ showed that 50% of surveyed workers are excited about the future and 77% indicate their appetite to learn new skills or even completely retrain. Where access exists, workers are clearly keen to reskill as needed. With significant demand in cybersecurity, the opportunity is there. 

Here are five key questions to consider when thinking about reskilling for cyber.

1. What skills do you already have? By auditing your current workforce skillset, you’ll have a clear picture of the type, quantity, and location of skills. This will also give you a picture of talent pools that can be retrained.
2. What are the required skills? Be very clear on the skills that are needed to meet your organisation’s cybersecurity goals. Think beyond headcount and define the nature and extent of skills required.
3. What are your preconceived ideas about reskilling? Leaders who pursue a reskilling strategy need to keep an open mind and a belief in their people’s learning aptitude and growth mindset.
4. Do you have the infrastructure to reskill your people? Reskilling is a proven strategy, but you need to have the right learning programs and support.
5. Are you promoting a culture of learning? People will be much more likely to embrace change and growth if it happens in an atmosphere of respect, support and hope.

<sup>1. www.pwc.com/gx/en/ceo-agenda/ceosurvey/2022.html
2. www.pwc.com/gx/en/issues/cybersecurity/global-digital-trust-insights.html
3. cybersecurityventures.com/jobs
4. aws.amazon.com/blogs/publicsector/new-report-asia-pacific-workforce-applying-digital-skills-increase-five-fold-2025
5. Ministry of manpower www.humanresourcesonline.net/great-resignation-in-singapore-mom-clarifies-resignation-rates-remain-below-pre-covid-levels
6. www.infosecurity-magazine.com/news/half-security-leaders-consider
7. www.weforum.org/press/2020/10/recession-and-automation-changes-our-future-of-work-but-there-are-jobs-coming-report-says-52c5162fce
8. www.pwc.com/gx/en/issues/upskilling/hopes-and-fears.html</sup>