In India, the demand for cybersecurity professionals continues to grow, but a significant challenge lies in the need for more qualified experts. According to ISACA’s ninth annual research report on the cybersecurity threat landscape, hiring, and budgets, a staggering 40 percent of Indian respondents feel that their cybersecurity teams are understaffed. This report, generously sponsored by Adobe, compiles insights gathered from 113 security leaders in India.

While progress has been made in addressing employee retention, retaining qualified cybersecurity professionals remains a formidable hurdle. An alarming 69 percent of survey respondents admit to struggling with retaining these experts. When seeking to hire cybersecurity professionals, Indian organizations are prioritizing five key technical skills: Cloud computing (46 percent), penetration testing (42 percent), forensics (38 percent), identity and access management (38 percent), and data protection (38 percent).

In addition to technical expertise, soft skills are highly sought after by global employers in India when evaluating cybersecurity job candidates. Critical thinking (59 percent), problem-solving (51 percent), decision-making (49 percent), communication (47 percent), and leadership qualities (33 percent) top the list of essential soft skills.

Respondents in India have identified significant skills gaps among cybersecurity professionals. They believe that the biggest skills deficits lie in Cloud computing (50 percent), soft skills (43 percent), security controls (43 percent), network-related topics (41 percent), and pattern analysis (35 percent).

To bridge these technical skills gaps, respondents propose several strategies. These include training non-security staff interested in transitioning to security roles (55 percent), increasing the use of reskilling programs (46 percent), implementing performance-based training (33 percent), leveraging AI and automation (32 percent), and increasing the utilization of contract employees or outside consultants (30 percent).

Jon Brandt, ISACA’s director of Professional Practices and Innovation, emphasizes the importance of addressing soft skills gaps as part of a systemic issue in the industry. He notes that a collaborative approach is necessary, extending beyond traditional academia to incorporate hands-on training, mentorship, and diverse learning pathways. Such an approach can impact individual skill sets, enhance enterprise security outcomes, and preserve the integrity of the cybersecurity profession.

The cybersecurity threat landscape in India is evolving rapidly. Nearly 55 percent of Indian respondents report an increase in cyber-attacks compared to the previous year. Despite this challenging environment, 63 percent express high confidence in their cybersecurity teams’ ability to detect and respond to these threats effectively.

Looking ahead, 92 percent of India-based survey respondents anticipate a surge in demand for technical cybersecurity individual contributors in the coming year. Additionally, 67 percent foresee an increased demand for cybersecurity managers, and 65 percent believe that cybersecurity budgets will see at least a modest increase in the next year.

RV Raghu, ISACA Ambassador in India and former ISACA board director underscores the urgency of addressing the evolving threat landscape and the persistent cybersecurity skill shortage. He advocates for a concerted approach, urging enterprises to proactively upskill and reskill their staff, in combination with investments in technology, to establish and sustain an effective cybersecurity posture.

In conclusion, the cybersecurity landscape in India presents both challenges and opportunities. Bridging the skills gap and adapting to the evolving threat environment is essential for organizations to protect themselves in the digital age. With collaborative efforts and strategic investments, the industry can fortify its defenses and meet the growing demand for cybersecurity expertise.