APAC cybersecurity workforce gap outpaces growth in strength

The cybersecurity workforce gap in the Asia-Pacific region has reached a record high, with 2.7 million professionals needed to adequately safeguard digital assets, according to the ISC2.

A new report from the United States-based nonprofit member organization for cybersecurity professionals shows that the gap widened by 23.4% on 2022, the greatest increase globally alongside North America. 

The 2023 ISC2 Cybersecurity Workforce Study is based on online survey data collected in collaboration with Forrester Research in April and May 2023 from 14,865 cybersecurity practitioners, including 3,685 who are based in APAC.

ISC2 estimates that the APAC cybersecurity workforce has reached just under one million (960,231) people, an 11.8% increase from 2022. This represents more than 100,000 new jobs, and is higher than the global average growth of 8.7%. 

The research also finds new challenges impacting professionals in the field, including economic uncertainty, artificial intelligence, fragmented regulations and skills gaps. 

Additionally, a challenging threat landscape continues to loom over the field, with 71% of APAC (79% in Singapore) cybersecurity professionals saying the current threat landscape is the most challenging it has been in the last five years. 

Only 59% (65% in Singapore) believe their organisation has adequate tools and people to respond to cyber incidents over the next two to three years.

In Singapore, where there is rapid growth in supply, demand is finally starting to catch up such that the workforce gap actually shrank by 34.8% from 2022. 

Despite some progress in closing the workforce gap in select markets, 94% of APAC cybersecurity professionals report skills gaps at their organisation.

The top three skills gaps at APAC organisations are artificial intelligence/machine learning (33%), cloud computing security (32%), and penetration testing (29%).

In Singapore, the top three skills gaps are artificial intelligence/machine learning (35%), zero trust implementation (32%) and cloud computing security (31%). 

Amid economic uncertainty, 44% of APAC respondents experienced cutbacks, which included budget cuts, layoffs and hiring and promotion freezes, slightly lower than the global average of 47%. 

Also, 73% of APAC respondents say that cutbacks have increased their workload, while two-thirds say it has negatively impacted their team morale (67%) and productivity (66%).  

Despite 33% of cybersecurity professionals in APAC seeing artificial intelligence (AI) as the top challenge they will face in the next two years, 42% have no or minimal knowledge of AI. 

“Amid the current threat landscape, which is the most complex and sophisticated it has ever been, the escalating challenges facing cybersecurity professionals underscore the urgency of our message,” said ISC2 CEO Clar Rosso. 

“Organisations must invest in their teams, both in terms of new talent and existing staff, equipping them with the essential skills to navigate the constantly evolving threat landscape. It is the only way to ensure a resilient profession that can strengthen our collective security,” said Rosso.

In addition to technical proficiency in various skills, cybersecurity professionals in APAC stress the importance of non-technical attributes. 

Problem-solving skills (39%) top the list, followed by the ability to effectively communicate (35%), and the curiosity and eagerness to learn (33%).