HK firms prefer solid tech skills in cybersecurity professionals

Technical expertise remains the most important criteria for companies looking toAccording to the Global Information Security Workforce Study (GISW) released last week, the cybersecurity workforce gap continues to widen and is expected to reach 1.8 million by 2022 – a 20% increase over the forecast made in the survey’s 2015 edition.

Now on its 8th edition, the latest GISW study polled more than 19,000 cybersecurity professionals in 170 countries across Europe, North America, Latin America, Africa, Middle East and the Asia. It was conducted by Frost & Sullivan for the Center for Cyber Safety and Education, with the support of (ISC)², Booz Allen Hamilton and Alta Associates

Hiring non-IT people for cybersecurity roles

One key finding of the GISW study said a third of hiring managers worldwide are planning to increase the size of their departments by 15% or more as a way to help narrow the gap.

In this regard, the study calls for companies to look for new recruitment channels and unconventional strategies and techniques to fill the worker gap. And since the study also showed one third of today’s cybersecurity practitioners come from non-IT background, it is encouraging companies to further dive into this talent pool.

(ISC)2 CEO David Shearer reiterated the need for companies to introduce diversity in the hiring of people needed to fill cybersecurity roles.

“The whole umbrella that is cybersecurity – every facet of it – is important. We do not marginalize deeply technical folks, but we certainly can’t marginalize the folks that are looking at it holistically – those that make sure all the pieces of the program are in place. Because any one piece that is not in place is an area of weakness and an area for exploitation,” Shearer told Computerworld Hong Kong. Shearer is in town this week for (ISC)2 Security Congress APAC 2017 held at the Sheraton Hotel.

He added: “We see a lot of women within the profession looking at governance, risk and compliance. These types of position are not the ones that involved sitting around writing scripts and looking at firewall rules”

At present, the cybersecurity field is still a predominantly male workforce and women remain significantly under represented at 11% globally, according to Shearer.

HK firms still prefer techies

A quick survey of local recruitment firms, however, revealed that many companies in Hong Kong still prefer candidates with technical experience to fill vacancies in cybersecurity posts.

Enterprises here have a long way to go before actively exploring the pool of non-IT candidates that could be developed for a cybersecurity career.

“I have certainly seen a couple of instances of this happening but, in terms of new hires for in-house roles at least, it is still relatively few and far between,” said Warwick Pearmund, associate director, Harvey Nash.