International cyber security and technology vendors need to start playing their part in helping solve the local cyber skills shortage and tackling youth unemployment in the country.
This is the message from Dr Xolile Sibande, information and cyber security expert.
In an interview in advance of her presentation at the Johannesburg leg of ITWeb Security Summit 2026, Sibande says there’s a social responsibility for foreign companies, which commit as part of their entry to the country, to be part of skills development and job creation. However, she says, they often leave the responsibility to local channel partners to fulfil.
ITWeb Security Summit 2026:
Running under the theme: “Redefining security in the face of AI-driven attacks, fragile supply chains and a global skills gap”, the Cape Town leg will be held at the Century City Conference Centre on 25 and 26 May, followed by the Johannesburg event at the Sandton Convention Centre from 2 to 4 June. Click here for more info and to register.
“Historically, technology vendors have used the channel and reseller model with local people who go through the levels of certifications, so they have several people working in-country who are product-certified. The vendors have distanced themselves from those requirements by getting local companies to be the ones to sell, deploy and support their products,” she says.
Speaking on the human side of cyber security and closing the skills gap through inclusive growth, Sibande says international vendors, as well as local organisations, should consider it their mandate to upskill local people and close the gap.
“We need all the role-players to assist us with that.”
Creating a skills hub
While there is a global skill shortage in cyber security, she says that with youth unemployment rates in South Africa above 40%, the context is slightly different.
Sibande believes that if public and private sector organisations can work together to provide skills and opportunities, they can absorb some of this cohort of unemployed people.
“Maybe we can start being a skill hub for the world, where we then outsource these skills that we’ve developed to the world and try to close the gap.”
Cynics will provide numerous reasons why the idea won’t work, but, according to Sibande, changing mindsets plays a big role in making the premise a reality. She says there needs to be a shift in thinking from individuals and organisations to support and invest in the upskilling of young people, through time and financial contributions, as well as the establishment of a central organisation to oversee the programme.
Willing teacher, willing student
Skills, she says, can be taught, but acknowledges that the student must be willing to learn and accept that learning in the cyber security sector is a continuous journey. The young person will need to be responsible for their own development and ongoing out-of-office learning, she says, but calls on organisations to provide mentorship and intern opportunities in the cyber field.
Sibande acknowledges there are risks involved in letting junior skills loose in an organisation’s cyber security architecture, but recommends a staggered approach.
“There is a phase where it's just learning, then they help once they are comfortable with what needs to be done, and once they are comfortable being hands-on, you gradually introduce them to the wider role.
“Set them up with basic work, such as support calls, done in a restricted environment and with someone mentoring them, then you gradually introduce them to more as they become more comfortable, but there's always someone they can go back to.”
She also admits there will need to be a financial investment by companies, but says if the effort is widespread enough across many employers opening up small numbers of cyber-specific internships, the burden will be lessened.
“Partnerships become very important; between the public and the private sector so that every player is involved, as well as academic institutions because they all need to come from a formal development point of view.”
Sibande likens the effort needed to that provided by the Youth Employment Service (YES), which was originally driven by the Presidency.
According to YES, it has supported “213 000 young people with full-time, minimum wage or better employment for 12 months – growing 30% annually, without drawing on taxpayer funding”.
To be effective, she says, there needs to be a central body or organisation, similar to YES, to oversee the development of cyber skills. It would need to provide a platform to match young candidates with intern opportunities, and potentially even offer post-internship employment.
While a centralised entity would likely help the process, it could take time to create the legal framework and get buy-in and budget, so in the interim, Sibande calls on organisations to take the initiative themselves.
“If you see a gap, there's a whole generation of graduates that are unemployed, why don't we tap into that pool and teach them the skills because we have something they can learn,” she says.
“The reality is that everyone would benefit from this initiative because every company needs security.”
Catch Sibande at the Johannesburg leg of ITWeb Security Summit 2026, on 2 June, at the Sandton Convention Centre.
Share
