Jobs & employment blogs

Jobs & employment blogs

Your career is a journey with many opportunities to explore. As a trusted partner, we guide thousands of professionals and employers through every step of their way. From industry specific insights, interview preparation, to team management and in-demand jobs – we’ve got you covered.

Blogs

Navigating Malaysia's Cyber Security Landscape Today

 
While digital transformation has been a buzzword for the longest time now, the trend of organisations adapting to modern technology has been accelerating at a startling pace. Today, many organisations are adapting to these changes to meet the changing needs of consumers and the workforce. And while disruptions are to be expected with any new technology, none are as threatening as a potential cyber security breach.
 

Today’s businesses are savvier with cyber security, with 77% of global leaders reporting more awareness today compared to three years ago. But while teams are committed to strengthening their cyber security profiles today, 90% of leaders found difficulties implementing their cyber security strategies due to skill gaps in their organisations. 

These findings were part of our Global Cyber Security Report 2023, surveying 1,000 cyber security leaders from across 29 countries. But what of the situation locally? We sat down with Carmen Ling, Senior Consultant, Cyber Security & Technology Governance, Hays Malaysia to get a better grasp of the challenges facing candidates and businesses in today’s climate. 

Malaysia’s cyber security field is an exciting, candidate-driven market 

Today, more and more organisations are looking out for the right cyber security professionals to help them achieve their goals. This is especially the case in vendor environments where high turnover rates result in businesses renewing their search, particularly when new projects are announced. Financial institutions face slightly different challenges, with a growing regulation from Bank Negara necessitating the hiring of individuals who can implement the right security policies and infrastructure.

The search for talent is at all-time high, and cyber security professionals are uniquely positioned to take advantage of this today.

What do cyber security candidates in Malaysia need today? 

There is a persistent shortage of qualified cyber security experts, leading to fierce compatition talents, especially for Cyber Threat Intelligence, Cloud Security and Red Team Candidates. Additionally, candidates who possess new technology skills set such as artificial intelligence, automation, the Internet of Things and blockchain are more likely to be offered a higher salary by employers.
 

Malaysia has recognised the importance of strengthening the nation's cyber security capabilities.

With the rise of threat actors conducting access operations across the region, the Malaysian government has announced a slew of measures aimed at fortifying our cyber security posture. The latest Budget 2023 allocation includes RM73 million to upgrade our threat monitoring, detection, adn reporting capabilities, including the development of Malaysia's cyber forensiv capabilities.

An allocation of RM750 million was also dedicated to the upskilling to 800,000 talents in the technology sector, with an emphasis on tech-related training courses geared towards ensuring candidates across all industries are future-ready.

Threats to information security are accelerating and organisations are struggling to cope

Although businesses are cognisant of the need to establish pipelines for threat intelligence, finding the right talent capable of reinforcing their front lines of defence has been difficult. These front-line skills cover critical areas such as cloud security, security architecture and security engineering.

Experience in running a Security Operations Center (SOC) and implementing a Security Information and Event Management (SIEM) solution were also necessities for a role that has expanded in complexity these last few years. On top of everything, being able to manage cyber security from a governance, risk, and compliance angle is also essential to keep up with local regulatory needs.

Workers with the knowledge and experience required to fill these roles are at a premium in a field where individuals with the right credentials can demand higher salaries from prospective hiring parties. Two-thirds of leaders surveyed did not rate their ability to attract cyber security talent highly amidst fierce competition between organisations to secure these resources.

 

The role of Chief Information Security Officers (CISOs) have expanded greatly

With the rise of cyber-attacks in recent years, the CISO role has grown in importance over the years. On top of developing and implementing security strategies for entire organisations, more and more CISOs have seen greater collaboration with executive board members; a sign of growing organisational interest in cybersecurity.

Today, 47% of global CISOs report directly to their CEO according to the 2023 CISO Report by Splunk. Malaysia has continued to see improved collaboration in this aspect, with 15% more local CISOs now possessing a direct line to their CEO or Board Risk Committee according to our observations. This additional oversight allows for the board to decide on the necessary measures needed for the organisation to meet security requirements in their given industry.

CISOs in this role are empowered to communicate the potential risks to the decision makers and take action independently whenever neccessary. Lacking C-suite buy-in however, CISOs will need to educate business leaders about th importance of cyber security and to ensure that they are aware of the risks, as well as the next steps to mitigate these risks.

Chief Information Officers (CIOs) continue to serve as a first line of defense

While there has been a blurring of roles between CIOs and CISO in certain markets, the two positions retain their distinctions in Malaysian organisations. CIOs remain focused on developing and implementing the organisation's IT and digital strategy. Much like CISOs, they also work closely with other C-suite executives to align technology initiatives with the company's overall goals and objectives.

CIOs serve as the bridge between technology and the business, ensuring that technology investments and strategies align with the organisation's goals and providing the technological foundation for its success. However, with today's increased focus on cyber security, it is imperative that the two can work together to help the business achieve its goals.

In a fast-moving market like tech, we understand the importance of having quick access to top talent who will make a real difference. We have spent years nurturing an ecosystem of highly engaged and unique candidates and will work with you to grow or scale your business using our unique expertise aligned to sectors and technologies. Be sure to reach out to us if you have a position that needs filling.


Cyber security training is now paramount

With a skills shortage having an impact across the board, leaders have acknowledged the need to fill the gap. The result we are seeing is a more relaxed approach to hiring workers who lack formal cyber security accreditations, with the aim of upskilling and retraining both new and existing employees to meet organisational needs.


This investment does not extend to employee retention, where many organisations prefer offering remote and hybrid working arrangements and a better work-life balance over monetary rewards to entice talents to stay.

On the other hand, certified cyber security candidates are finding themselves in high demand with a limited pool of competition. Many candidates today look beyond salary increments, moving between organisations for the chance to experience new industries and to fight for career growth in organisations where senior leadership for threat intelligence has yet to be established.

As recruitment experts in cyber security, we can help our candidates widen their career prospects. Reach out to us and let us find your next cyber security job for you.


Cyber Safety Next Steps

With cyber security defense strategies taking a hit due to the myriad of factors outlined above, organisations will need to find effective solutions to fill these gaps in talent. Summarised below are some simple next steps leaders can take to solve for this:

Consider unexplored talent

Although they may not have the experience or complete skillset, there are people out there with the learning mindset to help your business. Broaden your search and think about the relevant skills any recruits would need and which they could build upon with the right training.

Upskill your current talent

It’s vital that your organisation stays ahead of cyber criminals through continuous learning. Ensure that senior leadership are aware of its importance and that your cyber security team are familiar with the latest practices and technologies.

Find experienced talent

As a lifelong partner to businesses in Malaysia, Hays is well placed to find the right solutions to your staffing needs. From identifying existing talent to training those with potential, we’re working for your tomorrow to help your organisation succeed in the short and long term.

Be sure to browse our articles related to cyber security below.

00

Reports

From salary guides, to diversity reports, or recruiting and hiring trends, we've got you covered.  

Find out more

Embrace the new era box

As your lifelong career partner, we are here to help you navigate an evolving world of work – and move forward in your career. Discover all our latest tips, advice and guides. 
 

Lead in the new era box

As the world of work evolves, we are here to support you through both the current challenges and your longer-term planning. Discover all our latest insights.