India saw at least one cybercrime every 10 minutes during the first half of 2017.
But Indian companies are struggling to beef up their cybersecurity teams as there’s hardly enough talent around.
There are currently around 30,000 cybersecurity vacancies in India, recruitment experts say, including several for C-suite leaders who can overhaul the overall security strategy of a firm. Other openings include managers who can oversee cybersecurity projects and engineers with impeccable domain knowledge.
The required skills are analytics, engineering, and software development, and also highly specialised functions such as intrusion detection (monitoring suspicious activity on the network), access management, risk auditing, cryptography, forensic sciences, and network security.
And because demand far outstrips supply, those with the skills can potentially make a killing.
In their desperation to hire, companies are willing to pay nearly twice as much as they do to other tech professionals. For instance, engineers with cybersecurity chops and more than three years of experience can make up to Rs25 lakh a year, HR experts said. On the other hand, a software developer with five years at a multinational firm would earn only around Rs10 lakh a year.
Moreover, these job openings cut across sectors such as IT, banking, and retail, and include multinationals and small startups. Business-to-consumer (B2C) firms are the ones hiring more since, more than others, they deal with customer data, often susceptible to crime.
“Till about a few years ago, the internal IT departments in a company were fairly limited. There was a department that used to take care of enterprise resource planning and one that took care of administration. Lately, cybersecurity has become a full division,” Vidur Gupta, director of HR firm Spectrum Talent Management, told Quartz.
By 2025, the cybersecurity space is expected to generate around a million jobs in India, said Anil Kumar, co-founder of talent management company Xpheno. But several of those may be filled up by expats as India lacks the talent required to combat the crisis.
“I’ll get a lot of CVs (that claim to understand cybersecurity) but the right fit is not there,” said Alka Dhingra, assistant general manager at staffing firm TeamLease Services.
Even as cybercrimes get more complex, most available candidates have only the basic training and certifications. Companies, meanwhile, need people who can manage advanced technologies, take care of the transformation from legacy to new-age systems, and innovate.
“Just a certification does not make anybody ready for a job,” said Kumar of Xpheno. “It requires you to work over a two-three year period and gain experience. (So) this shortage will continue for some years.”