THE rapid growth of the cybersecurity industry, coupled with threats posed by technological advancements, is resulting in greater job creation in the field.
Citing the Forbes Top 10 Digital Transformation Trends for 2021 report, cybersecurity management firm Tecforte said the advancements in technology have led to a high demand for cybersecurity skills with global statistics predicting that the cyber crime damage would be US$6 trillion (RM25 trillion) annually by this year.
A 238% rise in attacks on banks and a 600% increase in attacks on cloud servers were observed from January to April 2020 alone, Tecforte told StarEdu.
But despite the growth in the cybersecurity industry, Malaysia still lags behind in its production of experts, noted CyberSecurity Malaysia (CSM) chief executive officer Datuk Dr Amirudin Abdul Wahab.
As of December last year, Malaysia recorded a shortage of 7,917 professionals but the country is aiming to produce 20,000 cybersecurity experts by 2025, he shared. Meanwhile, Malaysia is projected to have an additional 9,020 cybersecurity professional positions by 2026 that need to be filled, noted Tecforte.
These statistics, said the firm, highlight the opportunity for cybersecurity graduates in current and future economies driven by digital needs.
As we head towards a digital economy, the demand will not just be for more graduates, but also “quality” graduates who are ready to meet the demands of the industry, Tecforte pointed out.
“However, the supply of cybersecurity talents being churned out by local universities is insufficient for the needs of the industry.
“There is also a gap between the quality of students against the requirements or expectations from the industry, as students are mainly educated via theory and not so much through practical, hands-on experience,” the firm said.
Traditionally, the majority of cybersecurity graduates were employed in cybersecurity or technology-centric companies as these were areas that demanded the skillset.
However, as the focus shifts towards digitalisation, these talents will be required by most types of companies and organisations including technology companies, start-ups, multinational companies, government-linked companies, system integrators, technology resellers and distributors, and government agencies, Tecforte said.Asia Pacific University of Technology & Innovation (APU) chief innovation officer and deputy vice-chancellor Prof Dr Vinesh Thiruchelvam said new technologies and innovations to defend against new malwares are expected to gain traction.
As such, cybersecurity will continue to be in demand for talents being piped into the workforce.
“Based on the breadth and depth of its content, cybersecurity should be identified as a standalone cluster within the computing education standards,” he said.
Sectors that need cybersecurity professionals
A key sector that needs cybersecurity talents is Malaysia’s small and medium enterprises (SMEs).
SMEs contribute a large percentage to the country’s overall gross domestic product, which stood at 38.2% in 2020, and also employ 48% of the nation’s workforce, said Malaysia Digital Economy Corporation (MDEC) Digital Infrastructure and Services director Wan Murdani Wan Mohamad.
“SMEs are the new big target for cyber attacks because they are not prepared for them.
“They lack the resources and expertise to manage cybersecurity operations,” he said, adding a 2019 study found 84% of SMEs in Malaysia have been compromised by cyber threat incidents.
Another study in 2020 found that 76% of SMEs have suffered more than one cyber attack.
Last year alone, Malaysia recorded 6,512 cybersecurity incidents, he said.
Royal Malaysian Police statistics, he added, show 11,875 cyber crime cases reported, with RM498mil in terms of losses in 2018.
In 2020, the number of cases increased to 14,229, with total losses of RM413mil.
In the period between January and May 2021, the number of incidents recorded stood at 4,615, representing almost one-fold increase in threats and incidents comparatively.
“With the vast growing digital economy, cyber attacks will multiply with higher business impact. We are beginning to see SMEs adopt digital technology either to empower their companies to broaden the market or to improve their service delivery methods,” said Wan Murdani.
As SMEs are a big contributor to Malaysia’s economy, he said it is imperative to ensure that the appropriate safeguards are in place.
Cybersecurity adoption for SMEs and as a whole, he said, is no longer an option but a necessity.
As such, he said MDEC, together with the National Cyber Security Agency (Nacsa) and SME Corporation Malaysia, has set out to develop a community approach of public and private sector collaborative programme, known as the Matrix Cybersecurity SMEs (Matrix), which aims to boost cybersecurity adoption and implementation among SMEs across all sectors in Malaysia.
As cyber threats rapidly grow and evolve, Wan Murdani said it is necessary for graduates to have access to – and operate in – a real-life environment to harness skills in proactive security monitoring and incident responses.
“These skills are highly in demand in the industry as more Critical National Information Infrastructure (CNII) organisations are continuing to enhance their security capabilities towards greater digital adoption.
“Immersing students in live-learning also gives them the opportunity to have firsthand experience in dealing with cybersecurity matters.
“This is a value add when they become part of the cybersecurity workforce in the future as it accelerates the skills development,” he added.
Additionally, MDEC works closely with universities to identify in-demand skills by industries and embed these skills in students’ learning.
Besides working with the right partners, be it from the public sector, private sector or academia, Wan Murdani said partnerships with government agencies are critical in ensuring the initiatives align with the national agenda and strategy.
“It amplifies the impact and will benefit the university that we work with,” he said.
A lot of money is also being pumped into the cybersecurity sector.
Wan Murdani said cybersecurity spending for the South-East Asian market in 2019 was about RM10.4bil and is projected to grow at a compound annual growth rate (CAGR) of 13.8%, primarily driven by the services sector, in which it is forecasted to grow at a larger rate of 16.5%, as reported by IDC Digital Transformation: Cybersecurity enabling the Malaysia Digital Economy White Paper.