DSCI released cybersecurity skilling report with EY

Data Security Council of India (DSCI) released the cybersecurity skilling report with EY as the knowledge partner. Powered by Microsoft, the report titled ‘Bridging the Gap: Identifying Challenges in Cybersecurity Skilling and Bridging the Divide’, highlights the current state of cybersecurity and identifies opportunities for improvement through Corporate Social Responsibility (CSR) initiatives and strategic partnerships. The report was unveiled by Shri Abhishek Singh, IAS, CEO, NeGD, Government of India, Mr. Jean-Philippe Courtois, Executive Vice President and President, National Transformation Partnerships, Microsoft, Mr Vinayak Godse, CEO, DSCI and Mr. Chaitanya Kalia, Leader and Partner, Climate Change and Sustainability Services, EY India.

We are at a critical juncture in the cybersecurity landscape, where the demand for skilled professionals is surging and CSR can play a significant role in skilling initiatives. The report emphasizes the importance of their contribution in terms of resources, expertise, and employment opportunities. CSR professionals have expressed a keen interest in collaborating to strengthen the cybersecurity landscape, develop content, and expand interventions.

To comprehensively assess the current state of cybersecurity talent, the objective of this report is to examine it from multiple perspectives, with a particular focus on individuals with 0 to 5 years of experience. Addressing the issue of diversity in the cybersecurity ecosystem, which seems to be lacking, is another key aspect of our study. Diversity holds great significance, particularly in the field of cybersecurity.

In terms of inclusivity, the report showcases limited participation from women and Persons with Disabilities (PWDs) in the cybersecurity domain.

Nevertheless, over 82% of companies are committed to enhancing women’s representation by at least 5% in the next five years. The corporates that were part of this study mention that cybersecurity professionals constitute considerably less workforce, however, half of them have plans to increase their cybersecurity workforce considerably over the next five years.

Vinayak Godse, Chief Executive Officer, DSCI said, “India is a destination for security products and services due to its talent pool, inherent strength in serving global geographies, and accelerating pace of cyber security start-up innovation. In addition to the Indian tech industry and domestic user organisations, many multinational corporations that are relocating their security services and operations to India are consuming rising security talent. This report can be an appropriate reference point for stakeholders to orient Cyber security training programs that provide opportunities to close gender and regional diversity gaps in the talent pool.”

Job roles such as Cyber Security Risk Analyst, Cyber Security Analyst, and Penetration Tester are currently prevalent, while roles like DevSecOps Engineer, IoT Engineer, and Analyst IoT Security are expected to surge in the next five years. Key skills that are expected to witness a surge in demand include Artificial Intelligence, Data Forensics, and Hacking Wireless Networks.

Jean-Philippe Courtois, Executive Vice President and President, National Transformation Partnerships, Microsoft said, “Cyberattacks can have devastating impact on organizations and economies – the average cost of a cyber breach has reached $4.35 million. In just one year, the volume of password attacks has risen 74% to an estimated 921 attacks every second. Demand for cybersecurity professionals in India has increased 54% over the past year – and not having enough people with the skills to defend against cybersecurity attacks puts people, businesses, and governments at risk. To address this cybersecurity skills crisis, we must have intentional programs and robust partnerships among governments, organizations in the private sector, and other stakeholders in the skilling ecosystem including educational institutions and non-profits.”

Chaitanya Kalia, Leader and Partner, Climate Change and Sustainability Services, EY India, said, “As the cybersecurity landscape evolves rapidly, corporates have emerged as key stakeholders in skilling initiatives, contributing valuable resources, expertise, and employment opportunities. We are witnessing a growing interest from CSR investments, which can further bolster the cybersecurity ecosystem through content development and expanded interventions. Together, we can bridge the skill gap and fortify our defences against emerging threats.”

The report further highlights that phishing, smishing, and vishing attacks, ransomware and zero-day exploits are expected to increase significantly. Trends driving the demand for cybersecurity include hackers’ use of AI, ML, and IoT, growing regulatory liabilities, and increased data exchange on digital platforms. Corporates play a crucial role in skilling initiatives by providing resources, expertise, and supporting employment opportunities. As per the report, companies further expressed interest in collaborations especially among private sectors, academia, and government institutions, to further strengthen cyber security skilling landscape, develop content and scale the interventions.