Fortinet Annual Skills Gap Report Reveals Growing Connection Between Cybersecurity Breaches and Skills Shortages in Malaysia

John Maddison, Chief Marketing Officer and EVP, Product Strategy at Fortinet

“The results from our latest Global Cybersecurity Skills Gap Report highlight the critical need for a collaborative, multi-faceted approach to closing the skills gap. To effectively mitigate risk and combat today’s complex threats, organisations must employ a strategic combination of leveraging the right security technology, upskilling existing security professionals through training and certifications, and fostering a cyber-aware workforce. As part of Fortinet’s dedication to closing the skills gap through this three-pronged approach, we pledged to train 1 million people in cybersecurity by 2026. As we near the halfway mark of this five-year commitment, we are close to having trained half a million individuals to date.”

Rashish Pandey, Vice President, Marketing & Communications, Asia / ANZ, Fortinet

“A well-trained and certified cybersecurity workforce is our first line of defence against the evolving threat landscape. In Malaysia, where 94% of organisations have experienced breaches due to the cyber skills gap, Fortinet is committed to bridging this divide. Our comprehensive training programs are designed to be accessible to everyone, regardless of their background. Through our collaboration with government agencies, academic institutions, and industry leaders, we aim to create a diverse and resilient talent pool capable of protecting organisations from today’s sophisticated cyber threats.”

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today released its 2024 Global Cybersecurity Skills Gap Report, which highlights ongoing challenges related to the cybersecurity skills shortage impacting organisations in Malaysia. Key findings from the report include:

• Organisations are increasingly attributing breaches to the cyber skills gap.
• Breaches continue to have significant repercussions for businesses, and executive leaders are often penalised when they happen.
• Certifications continue to be highly regarded by employers as validators of current cybersecurity skills and knowledge.
• Numerous opportunities remain for hiring from diverse talent pools to help address the skills shortage.

The Cyber Skills Gap Continues to Impact Companies Worldwide

An estimated 4 million professionals are needed to fill the growing cybersecurity workforce gap. At the same time, Fortinet’s 2024 Global Cybersecurity Skills Gap Report found that 76% of Malaysian organisations indicated that the cybersecurity skills shortage creates additional risks for their organisations. Other findings that highlight the impact of the growing skills gap on companies across the globe include:

• Organisations are attributing more breaches to a lack of cyber skills In the past year, over 94% of Malaysian organisational leaders said they experienced a breach that they can partially attribute to a lack of cyber skills, higher than 92% in the 2023 report.
• Breaches have a more substantial impact on businesses. Breaches have a variety of repercussions, ranging from financial to reputational challenges. This year’s survey reveals that corporate leaders are increasingly being held accountable for cyber incidents, with 62% of respondents in Malaysia noting that directors or executives have faced fines, loss of position, or loss of employment following a cyberattack. Additionally, 52% of respondents indicated that breaches cost their organisations more than USD1 million (MYR4.4 million) in lost revenue, fines, and other expenses last year—up from 45% in the 2023 report.

• Boards of directors view cybersecurity as a business imperative. As a result, executives and boards of directors increasingly prioritise cybersecurity, with 80% of respondents saying Malaysia boards were more focused on security in 2023 than the previous year. And 94% of respondents say their board sees cybersecurity as a business priority.

Hiring Managers Value Continued Learning and Certifications

Business leaders widely regard certifications as validation of cybersecurity knowledge, and those who hold a certification or work with someone who does notice clear benefits. This year’s survey also found that:

• Candidates with certifications stand out. 94% of respondents said they prefer hiring candidates with certifications in Malaysia.
• Leaders believe that certifications improve security posture. Respondents place such high value on certifications in Malaysia that 98% said they would pay for an employee to obtain a cybersecurity certification.
• Finding candidates who hold certifications isn’t easy. 84% of respondents indicated that it is difficult to find candidates with technology-focused certifications.

Companies Are Expanding Hiring Criteria to Fill Open Roles

As the cyber workforce shortage persists, some organisations diversify their recruitment pools to include candidates whose credentials fall outside traditional backgrounds – such as a four-year degree in cybersecurity or a related field – to attract new talent and fill open roles. Shifting these hiring requirements can unlock new possibilities, especially if organisations are also willing to pay for certifications and training. The report also found that:

• Organisations continue to have programs dedicated to recruiting from a diversified talent pool. 88% of respondents said their organisations have set diversity hiring goals in Malaysia for the next few years.
• Diversity hiring varies from year to year. With an increase in ongoing recruitment targets, female hires in Malaysia have risen to 94% in 2023, up from 88% in 2022.
• While many hiring managers value certifications, many organisations still prefer candidates with traditional backgrounds. 92% of organisations in Malaysia still require four-year degrees, and 68% hire only candidates with traditional training backgrounds.

Organisations Are Taking a Three-Pronged Approach to Building Cyber Resiliency

The increasing frequency of costly cyberattacks, combined with the potential of severe personal consequences for board members and directors, is resulting in an urgent push to strengthen cyber defences across enterprises. As a result, organisations are focusing on a three-pronged approach to cybersecurity that combines training, awareness, and technology:

• Help IT and security teams obtain vital security skills by investing in training and certifications needed to achieve this goal.
• Cultivate a cyber-aware frontline staff who can contribute to a more secure organisation as a first line of defence.
• Use effective security solutions to ensure a strong security posture.

To help organisations achieve these objectives, Fortinet offers the largest integrated portfolio of more than 50 enterprise-grade products through its Fortinet Security Fabric platform. Additionally, the award-winning Fortinet Training Institute, one of the industry’s broadest training and certification programs, is dedicated to making cybersecurity certification and new career opportunities available to all populations, including a Security Awareness Training offering for organisations to develop a cyber-aware workforce.