Security skills gap raises risks for Singapore firms

The number of firms Singapore that experienced five or more security breaches jumped by 63% from 2021 to 2022, according to Fortinet.

This was a higher increase as compared to the 53% rise among global organisations, according to the 2023 Global Cybersecurity Skills Gap Report from Fortinet. 

One repercussion of these findings is that many short-staffed cybersecurity teams are burdened and strained as they try to keep up with thousands of daily threat alerts and attempt to manage disparate solutions to properly protect their organisation’s devices and data.

Additionally, as a result of unfilled IT positions due to the cyber skills shortage, the report also found that 63% of Singapore organisations indicate they face additional cyber risks. 

One resulting cyber risk is increased breaches, with 94% of local organisations experiencing one or more cybersecurity intrusions in the past 12 months, up from 72% last year.

More than 60% of local organisations suffered breaches in the past 12 months that cost more than US$1 million to remediate. 

Globally, there were nearly 50% of such attacks, which is an increase from 38% of organisations compared to last year’s report.

At the same time, 76% of local organisations expect the number of cyberattacks to increase over the next 12 months, further compounding the need to fill crucial cyber positions to help strengthen organisations’ security postures. 

Singapore firms expect a higher increase in the number of attacks as compared to global organisations (65%).

Close to 70% agree that the cybersecurity skills shortage creates additional cyber risks for their firm. The report showed that more than 90% of Singapore boards are asking how the organisation is protecting against cyberattacks. 

At the same time, 87% of boards among Singapore companies are advocating for hiring more IT security staff, emphasising the demand for security talent.

In Singapore, roles in cloud security (55%), software development security (49%), followed by security operations (47%) are the hardest to fill.

The report also suggested that employers recognise how training and certifications can benefit their organisation in addressing the skills gap, while also serving as an advantage for anyone looking to advance in their current security profession, as well as for individuals considering transitioning into the field.

Beyond experience, employers view certifications and training as reliable validation of an individual’s skill set with 88% of local business leaders preferring to hire individuals with technology-focused certifications. 

Additionally, 86% of Singapore respondents would pay for an employee to get a cybersecurity certification.

Almost all of the Singapore respondents (96%) indicated their organisation would benefit from cybersecurity certifications while globally 95% of business leaders have experienced positive results from either their team or themselves being certified.

While certifications are highly regarded, more than 75% of Singapore respondents said it is difficult to find people with certifications.