Jobs & employment blogs

Today’s businesses are savvier with cyber security, with 77% of global leaders reporting more awareness today compared to three years ago. But while teams are committed to strengthening their cyber security profiles today, 90% of leaders found difficulties implementing their cyber security strategies due to skill gaps in their organisations. 

These findings were part of our Global Cyber Security Report 2023, surveying 1,000 cyber security leaders from across 29 countries. But what of the situation locally? We sat down with Carmen Ling, Senior Consultant, Cyber Security & Technology Governance, Hays Malaysia to get a better grasp of the challenges facing candidates and businesses in today’s climate. 

What do cyber security candidates in Malaysia need today? 

Malaysia has recognised the importance of strengthening the nation's cyber security capabilities.

With the rise of threat actors conducting access operations across the region, the Malaysian government has announced a slew of measures aimed at fortifying our cyber security posture. The latest Budget 2023 allocation includes RM73 million to upgrade our threat monitoring, detection, adn reporting capabilities, including the development of Malaysia's cyber forensiv capabilities.

An allocation of RM750 million was also dedicated to the upskilling to 800,000 talents in the technology sector, with an emphasis on tech-related training courses geared towards ensuring candidates across all industries are future-ready.

Threats to information security are accelerating and organisations are struggling to cope

Although businesses are cognisant of the need to establish pipelines for threat intelligence, finding the right talent capable of reinforcing their front lines of defence has been difficult. These front-line skills cover critical areas such as cloud security, security architecture and security engineering.

Experience in running a Security Operations Center (SOC) and implementing a Security Information and Event Management (SIEM) solution were also necessities for a role that has expanded in complexity these last few years. On top of everything, being able to manage cyber security from a governance, risk, and compliance angle is also essential to keep up with local regulatory needs.

Workers with the knowledge and experience required to fill these roles are at a premium in a field where individuals with the right credentials can demand higher salaries from prospective hiring parties. Two-thirds of leaders surveyed did not rate their ability to attract cyber security talent highly amidst fierce competition between organisations to secure these resources.

The role of Chief Information Security Officers (CISOs) have expanded greatly

With the rise of cyber-attacks in recent years, the CISO role has grown in importance over the years. On top of developing and implementing security strategies for entire organisations, more and more CISOs have seen greater collaboration with executive board members; a sign of growing organisational interest in cybersecurity.

Today, 47% of global CISOs report directly to their CEO according to the 2023 CISO Report by Splunk. Malaysia has continued to see improved collaboration in this aspect, with 15% more local CISOs now possessing a direct line to their CEO or Board Risk Committee according to our observations. This additional oversight allows for the board to decide on the necessary measures needed for the organisation to meet security requirements in their given industry.

CISOs in this role are empowered to communicate the potential risks to the decision makers and take action independently whenever neccessary. Lacking C-suite buy-in however, CISOs will need to educate business leaders about th importance of cyber security and to ensure that they are aware of the risks, as well as the next steps to mitigate these risks.

Chief Information Officers (CIOs) continue to serve as a first line of defense

While there has been a blurring of roles between CIOs and CISO in certain markets, the two positions retain their distinctions in Malaysian organisations. CIOs remain focused on developing and implementing the organisation's IT and digital strategy. Much like CISOs, they also work closely with other C-suite executives to align technology initiatives with the company's overall goals and objectives.

CIOs serve as the bridge between technology and the business, ensuring that technology investments and strategies align with the organisation's goals and providing the technological foundation for its success. However, with today's increased focus on cyber security, it is imperative that the two can work together to help the business achieve its goals.

In a fast-moving market like tech, we understand the importance of having quick access to top talent who will make a real difference. We have spent years nurturing an ecosystem of highly engaged and unique candidates and will work with you to grow or scale your business using our unique expertise aligned to sectors and technologies. Be sure to reach out to us if you have a position that needs filling.

Cyber security training is now paramount

With a skills shortage having an impact across the board, leaders have acknowledged the need to fill the gap. The result we are seeing is a more relaxed approach to hiring workers who lack formal cyber security accreditations, with the aim of upskilling and retraining both new and existing employees to meet organisational needs.

On the other hand, certified cyber security candidates are finding themselves in high demand with a limited pool of competition. Many candidates today look beyond salary increments, moving between organisations for the chance to experience new industries and to fight for career growth in organisations where senior leadership for threat intelligence has yet to be established.

As recruitment experts in cyber security, we can help our candidates widen their career prospects. Reach out to us and let us find your next cyber security job for you.

With cyber security defense strategies taking a hit due to the myriad of factors outlined above, organisations will need to find effective solutions to fill these gaps in talent. Summarised below are some simple next steps leaders can take to solve for this:

Although they may not have the experience or complete skillset, there are people out there with the learning mindset to help your business. Broaden your search and think about the relevant skills any recruits would need and which they could build upon with the right training.

It’s vital that your organisation stays ahead of cyber criminals through continuous learning. Ensure that senior leadership are aware of its importance and that your cyber security team are familiar with the latest practices and technologies.

As a lifelong partner to businesses in Malaysia, Hays is well placed to find the right solutions to your staffing needs. From identifying existing talent to training those with potential, we’re working for your tomorrow to help your organisation succeed in the short and long term.

Be sure to browse our articles related to cyber security below.