South Africa needs to build a cyber security talent pipeline in order to cultivate a knowledge-based workforce to successfully work in the domain.
This is according to Joey Jansen van Vuuren, manager of the CSIR's cyber security centre of innovation and business development, who was speaking at the ITWeb Security Summit 2017 in Midrand.
She said in the past, SA focused on using products to fight cyber threats, but has not looked enough at building a pipeline of talent to make sure that capabilities are being grown in the industry.
"There are currently one million cyber security positions open in the world, and by 2019, this will rise to 1.5 million. By that stage, there will be six million cybersecurity jobs across the globe, which means that 25% of these positions will be standing open," she said.
She suspects that as the industry evolves in SA, this figure could be more like 40% to 50% of local positions remaining vacant.
"We have to develop R&D solutions to improve cyber defences and address cybersecurity gaps, expand education opportunities and develop new qualifications and certifications."
Not enough interest
The skills shortage is a worldwide phenomenon and SA is no exception, with only a small pool of local, experienced cybersecurity professionals.
"You won't believe it, but a year ago, I offered universities 100 postgraduate bursaries for cybersecurity and I could only manage to award ten, because there is just not enough interest. There are not enough people coming from the bottom up. So it's very important that we get the pipeline from schools upwards to make sure that there are students to take up these bursary opportunities," she said.
There are currently one million cyber security positions open in the world, and by 2019, this will rise to 1.5 million.
Joey Jansen van Vuuren, CSIR
Jansen van Vuuren said that what is needed is the adaption of education programmes, including degrees and diplomas, to include cybersecurity, as well as the development of new, focused cyber-security qualifications. This would be aided by collaboration with skills training bodies and industry participation.
"In the cybersecurity centre of innovation in South Africa, we want government, business and higher education to collaborate to develop a good playing field to build capacity and capability in the country."
Qualifications development
"The problem is we do not have cybersecurity-focused education programmes in SA," she added.
Because of this, the CSIR last year began developing curriculums for specialised cybersecurity degrees and diplomas. These range from a certificate in cybersecurity awareness at TVET colleges, all the way up to postgraduate and master's degrees in the field.
I offered universities 100 postgraduate bursaries for cyber security and I could only manage to award ten, because there is just not enough interest
Joey Jansen van Vuuren, CSIR
Jansen van Vuuren said a diploma in cybersecurity, catering for operators of security and network operation centres, will start next year at one local university. There are plans for two universities to begin offering a B.Sc degree in cybersecurity as well as a cyber engineering degree from 2019. A structured Master's degree in cybersecurity is already running at two institutions.
Share