The Cybersecurity Gap: Rising demand vs Talent in short-supply

Read Article

Written by: Vijay Sivaram, CEO, Quess IT Staffing

Cybersecurity has always been a top priority for CIOs, but with Covid-19 this trend has accelerated aggressively. WFH-catalyzed dependency on technology, wide-spread readiness for 5G, more interconnected devices and less-controlled work environments have led to a surge in vulnerabilities. And in matters of cybersecurity, one is only as strong as their weakest link.

With the increased movement towards digitization and sanctity of data management, security has taken pole position. Earlier in the day, enterprise cybersecurity needs were limited to protecting the back office and other IT Infrastructure, whereas now, with rapid tech adoption, the avenues from where cybersecurity threats can arise are manifold. As cybersecurity and regulatory compliance become the top two biggest concerns of corporate boards today, companies are reviewing security protocols more stringently than ever before, pushing their organization and its leadership to constantly review and implement newer technology. As per a recent study by Gartner, the top trend in enterprise security is the ‘cybersecurity mesh’ – a modern conceptual approach that enables the distributed enterprise to deploy and extend security where it’s most needed. Today, ‘flexible, agile, scalable and composable’ solutions are the need of the hour.

To solve this challenge of security, companies are investing in smart tools, but one of the best ways to plug security gaps is to hire the right cybersecurity talent. But where is this talent? Numerous industry pundits have chimed in about the talent shortage, and a recent study reported that India is expected to have over 1.5 million unfulfilled job vacancies in the field by 2025. With a skewed demand-supply gap, cybersecurity as a field has a zero percent unemployment rate.

Quess data suggests that hiring demand for cybersecurity positions has doubled from April 2021 to September 2021. The lion’s share of demand for these cybersecurity, network security and SAP security skills was dominated by IT hubs Bangalore (38%), Pune (24%), and Chennai (21%), as well as Hyderabad, Mumbai, and Gurgaon. Some of the key roles that customers are hiring for include Cyber Security Consultants, IT Security Analysts, Cloud Security Architects, SAP Security Engineers, and Security Operations Center Analysts.

To battle the skill shortage, recruiters are employing various hiring channels and tapping into their professional networks to source the right-fit candidates for these roles. However, the skill gap still remains. The acute shortage of these cybersecurity professionals has resulted in companies’ willingness to pay a premium salary. As per Quess reports, the average salary per month for a cybersecurity expert is INR 97,000, with numbers varying across cities. Hyderabad leads the pack with an average monthly salary of INR 186,000, followed by Pune with INR 150,000, and Bangalore and Chennai are neck-to-neck with an average salary of INR 78,000 each. However, location isn’t the only factor impacting salary ranges – years of experience, skill competency and even the organization’s own pay scale will determine the final number.

It is safe to predict that the high-demand trend will continue as organizations do away with siloed IT and security professionals to build full-fledged teams that work to protect their enterprise. However, the pipeline of security talent isn’t where it needs to be to help curb the cybercrime epidemic. Until we can improve the quality of skilling and training our cyber experts receive, the talent gap will persist.

So what can organizations do to bridge this talent gap? Employ a multi-pronged approach; (i) train non-security staff who are interested in moving to security roles, (ii) increase the usage of contract employees to fulfill positions, and (iii) invest in skilling programs for fresh and lateral hires.

However, while talent supply can be improved with skilling, organizations need to change their demand-pull strategies. According to findings from the State of Cybersecurity 2021 Part 1 survey report from ISACA, among the skill shortage factors plaguing the cybersecurity industry, poor financial incentives stood out as the most visible reason. The report highlighted that many cybersecurity professionals leave their jobs due to poor compensation (45% respondents) and limited promotion and development opportunities (44% respondents). Firms need to dole out attractive pay packages and perks for qualified candidates, build career growth programs and engage with their employees in order to retain them.

That being said, the future of cybersecurity is bright in India and it is a great time for young professionals to join the field. With technology at the core of every enterprise, the opportunities for cybersecurity are plentiful.

If you have an interesting article / experience / case study to share, please get in touch with us at

Comments (0)
Add Comment