Singapore enterprises are expected to increase their cybersecurity spending at a 9.8% CAGR between 2020 and 2025 to hit US$2.3 billion ($3.1 billion) by mid-decade, according to data analytics company GlobalData.
Despite that, the increasing spending may not have significantly strengthened their cybersecurity posture. The M-Trends 2022 report by cybersecurity firm Mandiant found that organisations in Asia Pacific took an average of 21 days to notice cyber intrusions last year, with 13% of those intrusions having dwell times that exceeded three years.
One of the reasons for this is the lack of cybersecurity talent. The International Information System Security Certification Consortium, or (ISC)2, found that the global cybersecurity industry was short of 2.72 million professionals last year, with Asia Pacific having the largest regional cybersecurity workforce gap of 1.42 million.
Fortunately, people in Singapore are generally showing interest in joining the cybersecurity industry. “Undergraduates, in particular, are more likely to consider the sector as they are digital natives who are more familiar with it. They see cybersecurity or white hat ethical hacking as a viable profession and not something that only appears in movies,” says Dr Kevyn Yong, chief learning officer at the Singapore Institute of Management (SIM).
However, the response from mid-career professionals intending to switch to cybersecurity is mixed. “Those with technical skills or in technical roles, such as software developers or infrastructure architects, are more likely to transition into cybersecurity as it’s a fairly easy switch. Those who are less technical may find it challenging, but it’s not impossible. People tend to overestimate how technical cybersecurity is — they don’t realise that the crucial skills for that profession have more to do with cognitive skills,” he adds.
Cognitive skills such as design thinking, agile thinking and systems thinking, says Yong, are critical for cybersecurity professionals to address the ever-changing nature of cyber threats. “If we were to compare two cybersecurity professionals with the same technical skills, the one with stronger cognitive skills will be able to handle complexity better. For instance, she or he may negotiate ransom terms more effectively, given his or her better understanding of the hacker’s motivation.”
A training programme based on real-world experiences
To help Singapore build a pipeline of cybersecurity professionals, SIM is partnering with Mandiant to launch a cybersecurity training programme soon. They will co-develop curricula, co-teach classes and co-certify training with the goal of equipping learners with the right cybersecurity skill sets and latest knowledge on the attacker landscape to meet the industry’s need for trained expertise.
Through the programme, participants can expect to gain knowledge about incident response and threat intelligence analysis from practitioners in the field.
What is unique about this programme is that it is practitioner-led, which means it offers real-world training by top cyber experts in the field.
Tan Yuh Woei, vice president for Southeast Asia, Mandiant
He continues: “We’re getting our incident responders and threat intelligence analysts to train learners and mid-career professionals so they can share their first-hand experience and learnings from their involvement in actual cyber incidents.”
“For example, we’re very much involved in the front lines, including some of the current cyber operations to protect Ukraine’s infrastructure — experiences like these are not something you can replicate easily, and will be valuable to share with learners who enrol in this SIM-Mandiant Cyber Academy.”
Non-technical skills crucial for cybersecurity
The SIM-Mandiant Cyber Academy is also designed to help learners develop the necessary cognitive skills and capability for handling complexity, wherein they will use the big-picture understanding of their organisation and its systems to solve cybersecurity problems and predict cyber risks.
Learners will also learn about contextualised content, which will train them to think about strategies in the context of cybersecurity, such as ransomware negotiations. The rationale for that, says Tan, is that cybersecurity is not just an IT issue but also a business risk. “While cybersecurity issues can be technical in nature, the business side has a part to play too when a cyberattack occurs. When a breach hits an organisation, it’s usually up to the business leaders to decide the next steps, such as negotiating with the hacker or paying the ransom.”
To stay ahead of the latest tech trends, click here for DigitalEdge Section
“This is why our joint programme with SIM also aims to hone learners’ problem-solving and critical thinking skills, and inserts elements of the business environment into some of the cybersecurity issues we’re seeing,” he adds.
Yong also says that the partnership is in line with SIM’s philosophy of working with best-in-class industry experts to ensure its courses keep pace with the changes in real-world business environments.
One can never know enough or outlearn the industry. So it is important for us at SIM to keep collaborating with cybersecurity firms like Mandiant to offer relevant and up-to-date training that will help ensure the employability of our learners after they graduate.
Dr Kevyn Yong, chief learning officer, Singapore Institute of Management (SIM)
Bridging the skills gap
Since it will take some time to plug the cybersecurity talent gap in Singapore, Tan advises business leaders to equip themselves with the necessary cybersecurity knowledge. This will empower them to work with their cyber defenders more effectively to strengthen the organisation’s cybersecurity posture.
Furthermore, Yong believes that employees from other job functions should be also educated on cybersecurity. “Oftentimes, one of the most critical vulnerabilities for any organisation is actually the human employees, as hackers have a very good understanding of human psychology and use this knowledge to trick victims,” he says. This is exemplified by social engineering attacks, wherein the hacker poses as a trusted source to get unsuspecting employees to hand over their credentials or share valuable, sensitive data.
Organisations should also consider using managed threat hunting services from cybersecurity firms to deal with the increasing volume and complexity of cyber threats. Tan says: “For most organisations, cybersecurity is not their core business. But they are required to build a trusted and secure IT environment that supports their operations and solutions.
“Cybersecurity firms like Mandiant can help organisations do so by evaluating their cyber risk exposure, applying up-to-date threat intelligence, and assessing their ability to prevent, detect, contain and remediate evolving cyberattacks, among others.”
As organisations transform to become digital businesses, they must also be capable of fending off and mitigating cyberattacks. This calls for them to have the right tools and talents that can help enhance and future-proof their cybersecurity strategy.
To help organisations in the talent aspect, SIM and Mandiant will continually fine-tune the joint cybersecurity training programme to nurture professionals who can meet the evolving demands and realities of the cybersecurity industry. This will ultimately help Singapore be more resilient against cyber threats as it realises its Smart Nation vision.