Having a skilled team of cybersecurity professionals is an organization’s best defense against threat actors. Not only can it decrease the risk of cybersecurity attacks, but it also reduces business disruption when attacks do occur. However, the 2022 ISC2 Cybersecurity Workforce Study found that the Asia-Pacific (APAC) region is facing a troubling gap in its cybersecurity workforce.

The study surveyed 11,779 cybersecurity professionals across the world in 14 regions, including Singapore, Australia, South Korea, Japan, China, India, the US and the UK. That data suggests that new strategies may be necessary to meet the universal need for cybersecurity professionals.

The workforce grows, but the gap widens

The global cybersecurity workforce grew 11.1% over the previous year, and the APAC region saw the biggest increase at 15.6%. However, the gap between the current workforce and the number of professionals the region needs grew by 52.4% or 2.16 million workers. The APAC gap grew significantly compared to the global average gap of 26.2%.

The cybersecurity workforce gap is of concern to professionals worldwide. The report found that current workers in the field are most concerned about cybersecurity risks with emerging technology over the next two years. More professionals in the APAC region (65%) reported this as their main concern, compared to Latin America (62%), North America and Europe (60%) and the Middle East and Africa (59%).

Additionally, 60% of APAC respondents felt that the cybersecurity shortage is significant, and 56% of cybersecurity professionals in the region felt that the gap put their company at either a moderate or extreme risk of attack.

Reducing the cybersecurity workforce gap

Organizations across the globe, including in the APAC region, can proactively take action to reduce the workforce shortage. Here are ways to close the gap:

Pay competitive wages

Paying cybersecurity professionals market rates helps attract new talent to the field and prevents current professionals from leaving the industry. The APAC region was the second-lowest in pay, with an average salary of $59,379 compared to the North American average of $134,800. The Latin American region came in last with an average yearly pay of $22,185.

Focus on retention

While hiring new talent might reduce the shortage, each time an employee leaves an organization the gap widens even more. Organizations should proactively work to retain employees by offering flexible work schedules, creating custom career paths and promoting from within. Organizations can also reduce attrition by reducing burnout through wellness programs and maintaining a focus on work/life balance. Preventing online or in-person harassment against cybersecurity professionals is another important way to prevent attrition.

Consider a skilling/badges approach to hiring

Many cybersecurity positions require specialized skills, but not necessarily a four-year college degree. By removing the degree requirement and changing the focus to skilling, organizations can increase their pool of qualified applicants. Digital badges are one solution. Teachers in K-12 can also help reduce the gap by introducing those digital badges as part of their curriculum.

Organizations with open cybersecurity positions are at a disadvantage against increasingly sophisticated cyberattacks. When entire regions (such as APAC) face significant shortages, the risk increases even more. By increasing the number of qualified applicants and helping to reduce attrition, the APAC region can begin to close that gap.