Check Point recently surveyed 450 IT professionals across the world, asking them questions about their challenges in managing their organisations’ security. The results were startling. It found that 77% of all respondents were concerned with their security teams’ capabilities to deal with current and future cyber security challenges. When asked for the reasons for these concerns, 67% expressed that their teams lack the cyber-security knowledge and expertise required to handle the current level of cyber-attacks.

In Africa, the skills crisis is continent-wide. The security industry here is thriving – but as the market grows so the demand for scarce cybersecurity skills increases.

On 21 October 2020, AFRALTI held a virtual Fireside Chat on Cybersecurity Skills Gap in Africa. The one and a half hour chat saw different Cybersecurity experts in Africa give their views on what needed to be done to combat the lack of sufficient cybersecurity skills in the continent.

Speakers at the event championed the need for capacity building in the security industry. However, it was noted that gaining certification in cybersecurity skills is expensive and can be deterrent to many entering the industry. By subsidising or covering certifications in full, businesses will more easily attract and retain talent.

Companies looking for cybersecurity skills want a tertiary qualification as an entry-level requirement when, in reality anyone can be upskilled- with relevant baseline qualification, such as a CISSP and experience or exposure to generalist IT environments, people could become good all-round security practitioners.

Along with lowering barriers to entry, we also need to diversify the industry to attract more female and minority talent. Cybersecurity is still a male-dominated industry but if we make it more attractive to women and minorities, we’ll also widen the talent pool.

Speaking to People’s Daily in Nairobi, AFRALTI’s Director Mr. William Baraza said, “Solving the cybersecurity skills gap crisis  requires all the stakeholders involvement.  The government through the Ministry of Education needs to promote the STEM curriculum to prepare young people to take up careers in ICT and cybersecurity.  Universities and Tertiary colleges must adopt new curricula that addresses current cybersecurity needs. The ministry of ICT needs to educate the public on the dangers of cyber insecurity. Business organizations must continue to invest in training and re-training cybersecurity staff. These organizations can also invest in internship programmes to prepare young graduates for the challenging career in cybersecurity. Employees can take certification courses to test their level of skills as they update their skills set in the ever-changing cybersecurity landscape.”

The reality is that every single industry needs cybersecurity expertise, especially as more African businesses move into the cloud and adopt mobile working practices.